去除缓存

# Conflicts:
#	src/main/java/com/huoran/iasf/vo/req/PageContentReqVO.java

.gitignore

@@ -0,0 +1,3 @@
+/.idea/
+**/target/
+*.class

pom.xml

@@ -52,6 +52,15 @@
 
     <dependencies>
 
+        <!-- https://mvnrepository.com/artifact/org.jsoup/jsoup -->
+        <dependency>
+            <groupId>org.jsoup</groupId>
+            <artifactId>jsoup</artifactId>
+            <version>1.17.2</version>
+        </dependency>
+
+
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-configuration-processor</artifactId>
@@ -282,6 +291,36 @@
                     <skipTests>true</skipTests>
                 </configuration>
             </plugin>
+
+            <!-- 加密插件，防止反编译 -->
+            <plugin>
+                <!-- https://gitee.com/roseboy/classfinal -->
+                <groupId>net.roseboy</groupId>
+                <artifactId>classfinal-maven-plugin</artifactId>
+                <version>1.2.1</version>
+                <configuration>
+                    <!--加密密码，如果是#号，则使用无密码模式加密，【加密后没有pom文件，不用担心泄漏】-->
+                    <password>#</password>
+                    <!--加密的包名(可为空,多个用","分割)-->
+                    <packages>com.huoran.iasf</packages>
+                    <!--需要加密的配置文件，一般是classes目录下的yml或properties文件(可为空,多个用","分割)-->
+                    <cfgfiles>*.properties,*.yml</cfgfiles>
+                    <excludes>org.spring</excludes>
+                    <!--外部依赖的jar目录，例如/tomcat/lib(可为空,多个用","分割)-->
+                    <!--<classpath></classpath>-->
+                    <!--运行命令： java -javaagent:iasf-encrypted.jar -jar iasf-encrypted.jar-->
+                    <!--机器码获取命令：java -jar classfinal-fatjar-1.2.1.jar -C -->
+                    <code>FDDEF78DF2FC3D09D733CBEAB15C3AEFD41D8CD98F00B204E9800998ECF8427ED41D8CD98F00B204E9800998ECF8427E</code>
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>classFinal</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
 
         <resources>

src/main/java/com/huoran/iasf/IASFApplication.java

@@ -1,5 +1,6 @@
 package com.huoran.iasf;
 
+import com.huoran.iasf.common.annotation.EnableSecurity;
 import lombok.extern.slf4j.Slf4j;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
@@ -13,6 +14,7 @@ import java.net.InetAddress;
 @SpringBootApplication
 @MapperScan("com.huoran.iasf.mapper")
 @Slf4j
+@EnableSecurity
 @ServletComponentScan(basePackages = {"com.huoran.iasf.common.filter"}) //这一句完成了配置，Springboot的”懒理念“真的厉害。
 public class IASFApplication {
 

src/main/java/com/huoran/iasf/common/advice/DecryptHttpInputMessage.java

@@ -0,0 +1,98 @@
+package com.huoran.iasf.common.advice;
+
+
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.config.SecretKeyConfig;
+import com.huoran.iasf.common.exception.EncryptRequestException;
+import com.huoran.iasf.common.utils.Base64Util;
+import com.huoran.iasf.common.utils.JsonUtils;
+import com.huoran.iasf.common.utils.RSAUtil;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpInputMessage;
+
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.stream.Collectors;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+public class DecryptHttpInputMessage implements HttpInputMessage {
+
+    private Logger log = LoggerFactory.getLogger(this.getClass());
+    private HttpHeaders headers;
+    private InputStream body;
+
+
+    public DecryptHttpInputMessage(HttpInputMessage inputMessage, SecretKeyConfig secretKeyConfig, Decrypt decrypt) throws Exception {
+
+        String privateKey =  secretKeyConfig.getPrivateKey();
+        String charset = secretKeyConfig.getCharset();
+        boolean showLog = secretKeyConfig.isShowLog();
+        boolean timestampCheck = secretKeyConfig.isTimestampCheck();
+
+        if (StringUtils.isEmpty(privateKey)) {
+            throw new IllegalArgumentException("privateKey is null");
+        }
+
+        this.headers = inputMessage.getHeaders();
+        String content = new BufferedReader(new InputStreamReader(inputMessage.getBody()))
+                .lines().collect(Collectors.joining(System.lineSeparator()));
+        String decryptBody;
+        // 未加密内容
+        if (content.startsWith("{")||StringUtils.isNumeric(content)||content.length()<10) {
+            // 必须加密
+            if (decrypt.required()) {
+                log.error("not support unencrypted content:{}", content);
+                throw new EncryptRequestException("not support unencrypted content");
+            }
+            log.info("Unencrypted without decryption:{}", content);
+            decryptBody = content;
+        } else {
+            StringBuilder json = new StringBuilder();
+            content = content.replaceAll(" ", "+");
+
+            if (!StringUtils.isEmpty(content)) {
+                String[] contents = content.split("\\|");
+                for (String value : contents) {
+                    value = new String(RSAUtil.decrypt(Base64Util.decode(value), privateKey), charset);
+                    json.append(value);
+                }
+            }
+            decryptBody = json.toString();
+            if(showLog) {
+                log.info("Encrypted data received：{},After decryption：{}", content, decryptBody);
+            }
+        }
+
+        // 开启时间戳检查
+        if (timestampCheck) {
+            // 容忍最小请求时间
+            long toleranceTime = System.currentTimeMillis() - decrypt.timeout();
+            long requestTime = JsonUtils.getNode(decryptBody, "timestamp").asLong();
+            // 如果请求时间小于最小容忍请求时间, 判定为超时
+            if (requestTime < toleranceTime) {
+                log.error("Encryption request has timed out, toleranceTime:{}, requestTime:{}, After decryption：{}", toleranceTime, requestTime, decryptBody);
+                throw new EncryptRequestException("request timeout");
+            }
+        }
+
+        this.body = new ByteArrayInputStream(decryptBody.getBytes());
+    }
+
+    @Override
+    public InputStream getBody(){
+        return body;
+    }
+
+    @Override
+    public HttpHeaders getHeaders() {
+        return headers;
+    }
+}

src/main/java/com/huoran/iasf/common/advice/EncryptRequestBodyAdvice.java

@@ -0,0 +1,77 @@
+package com.huoran.iasf.common.advice;
+
+
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.config.SecretKeyConfig;
+import com.huoran.iasf.common.exception.EncryptRequestException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.HttpInputMessage;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
+
+import java.lang.reflect.Method;
+import java.lang.reflect.Type;
+import java.util.Objects;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+@ControllerAdvice
+public class EncryptRequestBodyAdvice  implements RequestBodyAdvice {
+
+    private Logger log = LoggerFactory.getLogger(this.getClass());
+
+    private boolean encrypt;
+    private Decrypt decryptAnnotation;
+
+    @Autowired
+    private SecretKeyConfig secretKeyConfig;
+
+    @Override
+    public boolean supports(MethodParameter methodParameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
+        Method method = methodParameter.getMethod();
+        if (Objects.isNull(method)) {
+            encrypt = false;
+            return false;
+        }
+        if (method.isAnnotationPresent(Decrypt.class) && secretKeyConfig.isOpen()) {
+            encrypt = true;
+            decryptAnnotation = methodParameter.getMethodAnnotation(Decrypt.class);
+            return true;
+        }
+        // 此处如果按照原逻辑直接返回encrypt, 会造成一次修改为true之后, 后续请求都会变成true, 在不支持时, 需要做修正
+        encrypt = false;
+        return false;
+    }
+
+    @Override
+    public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
+        return body;
+    }
+
+    @Override
+    public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
+                                           Class<? extends HttpMessageConverter<?>> converterType){
+        if (encrypt) {
+            try {
+                return new DecryptHttpInputMessage(inputMessage, secretKeyConfig, decryptAnnotation);
+            } catch (EncryptRequestException e) {
+                throw e;
+            } catch (Exception e) {
+                log.error("Decryption failed", e);
+            }
+        }
+        return inputMessage;
+    }
+
+    @Override
+    public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
+                                Class<? extends HttpMessageConverter<?>> converterType) {
+        return body;
+    }
+}

src/main/java/com/huoran/iasf/common/advice/EncryptResponseBodyAdvice.java

@@ -0,0 +1,81 @@
+package com.huoran.iasf.common.advice;
+
+
+import com.huoran.iasf.common.annotation.Encrypt;
+import com.huoran.iasf.common.config.SecretKeyConfig;
+import com.huoran.iasf.common.utils.Base64Util;
+import com.huoran.iasf.common.utils.JsonUtils;
+import com.huoran.iasf.common.utils.RSAUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.MediaType;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.server.ServerHttpRequest;
+import org.springframework.http.server.ServerHttpResponse;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
+
+import java.lang.reflect.Method;
+import java.util.Objects;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+@ControllerAdvice
+public class EncryptResponseBodyAdvice implements ResponseBodyAdvice<Object> {
+
+    private Logger log = LoggerFactory.getLogger(this.getClass());
+
+    private boolean encrypt;
+
+    @Autowired
+    private SecretKeyConfig secretKeyConfig;
+
+    private static ThreadLocal<Boolean> encryptLocal = new ThreadLocal<>();
+
+    @Override
+    public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
+        Method method = returnType.getMethod();
+        if (Objects.isNull(method)) {
+            return encrypt;
+        }
+        encrypt = method.isAnnotationPresent(Encrypt.class) && secretKeyConfig.isOpen();
+        return encrypt;
+    }
+
+    @Override
+    public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
+                                  Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
+        // EncryptResponseBodyAdvice.setEncryptStatus(false);
+        // Dynamic Settings Not Encrypted
+        Boolean status = encryptLocal.get();
+        if (null != status && !status) {
+            encryptLocal.remove();
+            return body;
+        }
+        if (encrypt) {
+            String publicKey = secretKeyConfig.getPublicKey();
+            try {
+                String content = JsonUtils.writeValueAsString(body);
+                if (!StringUtils.hasText(publicKey)) {
+                    throw new NullPointerException("Please configure rsa.encrypt.privatekeyc parameter!");
+                }
+                byte[] data = content.getBytes();
+                byte[] encodedData = RSAUtil.encrypt(data, publicKey);
+                String result = Base64Util.encode(encodedData);
+                if(secretKeyConfig.isShowLog()) {
+                    log.info("Pre-encrypted data：{}，After encryption：{}", content, result);
+                }
+                return result;
+            } catch (Exception e) {
+                log.error("Encrypted data exception", e);
+            }
+        }
+
+        return body;
+    }
+}

src/main/java/com/huoran/iasf/common/annotation/Decrypt.java

@@ -0,0 +1,28 @@
+package com.huoran.iasf.common.annotation;
+
+
+import com.huoran.iasf.common.exception.EncryptRequestException;
+
+import java.lang.annotation.*;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9 16:45
+ **/
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface Decrypt{
+
+    /**
+     * 请求参数一定要是加密内容
+     */
+    boolean required() default true;
+
+    /**
+     * 请求数据时间戳校验时间差
+     * 超过(当前时间-指定时间)的数据认定为伪造
+     * 注意应用程序需要捕获 {@link EncryptRequestException} 异常
+     */
+    long timeout() default 3000;
+}

src/main/java/com/huoran/iasf/common/annotation/EnableSecurity.java

@@ -0,0 +1,24 @@
+package com.huoran.iasf.common.annotation;
+
+
+import com.huoran.iasf.common.advice.EncryptRequestBodyAdvice;
+import com.huoran.iasf.common.advice.EncryptResponseBodyAdvice;
+import com.huoran.iasf.common.config.SecretKeyConfig;
+import org.springframework.context.annotation.Import;
+
+import java.lang.annotation.*;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9 16:44
+ **/
+@Target({ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Inherited
+@Documented
+@Import({SecretKeyConfig.class,
+        EncryptResponseBodyAdvice.class,
+        EncryptRequestBodyAdvice.class})
+public @interface EnableSecurity{
+
+}

src/main/java/com/huoran/iasf/common/annotation/Encrypt.java

@@ -0,0 +1,14 @@
+package com.huoran.iasf.common.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9 16:45
+ **/
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface Encrypt{
+
+}

src/main/java/com/huoran/iasf/common/aop/aspect/NoRepeatSubmitAop.java

@@ -1,6 +1,7 @@
 package com.huoran.iasf.common.aop.aspect;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.exception.BusinessException;
@@ -16,6 +17,7 @@ import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 import org.springframework.web.context.request.RequestContextHolder;
@@ -44,17 +46,24 @@ public class NoRepeatSubmitAop {
 
         ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
         HttpServletRequest request = attributes.getRequest();
+        HttpServletResponse response = attributes.getResponse();
         String token = request.getHeader(Constant.ACCESS_TOKEN);
         //如果header中不存在token，则从参数中获取token
         if (StringUtils.isEmpty(token)) {
             token = request.getParameter(Constant.ACCESS_TOKEN);
         }
         if (StringUtils.isEmpty(token)) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setCharacterEncoding("utf-8");
+            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
             throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
         }
         //  校验并解析token，如果token过期或者篡改，则会返回null
         Claims claims = checkJWT(token);
         if (null == claims) {
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setCharacterEncoding("utf-8");
+            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
             throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
         }
         String key = token + "-" + request.getServletPath();

src/main/java/com/huoran/iasf/common/config/FileUploadProperties.java

@@ -16,6 +16,7 @@ import org.springframework.util.StringUtils;
 public class FileUploadProperties {
 
     private String path;
+    private String ip;
     private String url;
     private String accessUrl;
 
@@ -28,6 +29,14 @@ public class FileUploadProperties {
         this.path = path;
     }
 
+    public String getIp() {
+        return ip;
+    }
+
+    public void setIp(String ip) {
+        this.ip = ip;
+    }
+
     public String getUrl() {
         return url;
     }

src/main/java/com/huoran/iasf/common/config/SecretKeyConfig.java

@@ -0,0 +1,77 @@
+package com.huoran.iasf.common.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+@ConfigurationProperties(prefix = "rsa.encrypt")
+@Configuration
+public class SecretKeyConfig {
+
+    private String privateKey;
+
+    private String publicKey;
+
+    private String charset = "UTF-8";
+
+    private boolean open = true;
+
+    private boolean showLog = false;
+
+    /**
+     * 请求数据时间戳校验时间差
+     * 超过指定时间的数据认定为伪造
+     */
+    private boolean timestampCheck = false;
+
+    public String getPrivateKey() {
+        return privateKey;
+    }
+
+    public void setPrivateKey(String privateKey) {
+        this.privateKey = privateKey;
+    }
+
+    public String getPublicKey() {
+        return publicKey;
+    }
+
+    public void setPublicKey(String publicKey) {
+        this.publicKey = publicKey;
+    }
+
+    public String getCharset() {
+        return charset;
+    }
+
+    public void setCharset(String charset) {
+        this.charset = charset;
+    }
+
+    public boolean isOpen() {
+        return open;
+    }
+
+    public void setOpen(boolean open) {
+        this.open = open;
+    }
+
+    public boolean isShowLog() {
+        return showLog;
+    }
+
+    public void setShowLog(boolean showLog) {
+        this.showLog = showLog;
+    }
+
+    public boolean isTimestampCheck() {
+        return timestampCheck;
+    }
+
+    public void setTimestampCheck(boolean timestampCheck) {
+        this.timestampCheck = timestampCheck;
+    }
+}

src/main/java/com/huoran/iasf/common/config/WebMvcConfigurer.java

@@ -47,7 +47,12 @@ public class WebMvcConfigurer extends WebMvcConfigurationSupport {
     private CorsConfiguration buildConfig() {
         CorsConfiguration corsConfiguration = new CorsConfiguration();
         corsConfiguration.addAllowedHeader("*"); // 允许任何头
-        corsConfiguration.addAllowedOrigin("*"); // 允许任何头
+//        corsConfiguration.addAllowedOrigin("*"); // 允许任何头
+        corsConfiguration.addAllowedOrigin("https://new.iasf.ac.cn"); //允许信任域名
+        corsConfiguration.addAllowedOrigin("https://www.iasf.ac.cn"); //允许信任域名
+        corsConfiguration.addAllowedOrigin("http://192.168.31.125:8095"); //允许信任域名
+        corsConfiguration.addAllowedOrigin("http://192.168.31.125:8088"); //允许信任域名
+        corsConfiguration.addAllowedOrigin("http://10.10.11.7"); //允许信任域名
         corsConfiguration.addAllowedMethod("*"); // 允许任何方法（post、get等）
         return corsConfiguration;
     }

src/main/java/com/huoran/iasf/common/exception/EncryptRequestException.java

@@ -0,0 +1,14 @@
+package com.huoran.iasf.common.exception;
+
+
+/**
+ * @author imyzt
+ * @date 2020/06/02
+ * @description 加密请求超时异常
+ */
+public class EncryptRequestException extends RuntimeException {
+
+    public EncryptRequestException(String msg) {
+        super(msg);
+    }
+}

src/main/java/com/huoran/iasf/common/exception/NotFoundException.java

@@ -0,0 +1,20 @@
+package com.huoran.iasf.common.exception;
+
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+/**
+ * BusinessException
+ *
+ * @author cheney
+ * @version V1.0
+ * @date 2022年7月28日
+ */
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class NotFoundException extends RuntimeException {
+    private BaseResponseCode baseResponseCode;
+}

src/main/java/com/huoran/iasf/common/exception/UnauthorizedException.java

@@ -0,0 +1,13 @@
+package com.huoran.iasf.common.exception;
+
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+public class UnauthorizedException extends RuntimeException {
+    private BaseResponseCode baseResponseCode;
+}

src/main/java/com/huoran/iasf/common/exception/code/BaseResponseCode.java

@@ -24,34 +24,41 @@ public enum BaseResponseCode implements ResponseCodeInterface {
     KEY_OR_TOMEUNIT(10009, "key or TomeUnit 不能为空！"),
     DICTIONARY_DATA_FAILED(10010, "获取字典数据失败"),
     UPLOAD_EMPTY(10011, "上传内容为空"),
-    UPLOAD_FAILED(10012, "上传失败"),
+    UPLOAD_FAILED(10012, "上传失败,上传格式不支持！"),
     VERIFICATION_CODE_ERROR(10007, "验证码错误！"),
     VERIFICATION_CODE_EXPIRED(10006, "验证码已过期！"),
     CANNOT_SAME(10005, "新密码不能与旧密码相同！"),
     EXCEL_FILE_INVALID(10004, "上传excel文件错误！"),
     VALID_EXCEPTION(10003, "参数格式校验异常！"),
     OPERATION_ERROR(10002, "操作失败"),
-    SYSTEM_BUSY(10001, "系统繁忙，请稍候再试"),
+    SYSTEM_BUSY(500, "系统繁忙，请稍候再试"),
     SUCCESS(200, "success"),
 
     EXCEL_FILE_FORMAT_ERROR(40007, "请根据模板使用说明录入正确的用户信息！"),
     TOKEN_ERROR(401, "登录凭证已过期，请重新登录"),
     DATA_ERROR(401003, "传入数据异常"),
-    NOT_ACCOUNT(401004, "该用户不存在,请先注册"),
+    NOT_ACCOUNT(401004, "用户名不存在或密码错误"),
-    USER_LOCK(401005, "该用户已被锁定，请联系运营人员"),
+    USER_LOCK(401005, "该用户已被锁定，请联系管理员！"),
-    PASSWORD_ERROR(401006, "用户名或密码错误"),
+    PASSWORD_ERROR(401006, "用户名不存在或密码错误"),
-    METHOD_ARGUMENT_NOT_VALID_EXCEPTION(401007, "方法参数校验异常"),
+    METHOD_ARGUMENT_NOT_VALID_EXCEPTION(400, "参数错误！"),
-    UNAUTHORIZED_ERROR(401008, "权鉴校验不通过"),
+    ILLEGAL_CHARACTERS(400, "入参中有非法字符，请修改！"),
+//    UNAUTHORIZED_ERROR(401008, "权鉴校验不通过"),
+    UNAUTHORIZED_ERROR(401008, "无操作权限！"),
     ROLE_PERMISSION_RELATION(401009, "该菜单权限存在子集关联，不允许删除"),
     OLD_PASSWORD_ERROR(401010, "旧密码不正确"),
     NOT_PERMISSION_DELETED_DEPT(401011, "该组织机构下还关联着用户，不允许删除"),
+    DELETE_SUB_DEPARTMENTS_FIRST(401018, "请先删除子级部门！"),
     OPERATION_MENU_PERMISSION_CATALOG_ERROR(401012, "操作后的菜单类型是目录，所属菜单必须为默认顶级菜单或者目录"),
     OPERATION_MENU_PERMISSION_MENU_ERROR(401013, "操作后的菜单类型是菜单，所属菜单必须为目录类型"),
     OPERATION_MENU_PERMISSION_BTN_ERROR(401013, "操作后的菜单类型是按钮，所属菜单必须为菜单类型"),
     OPERATION_MENU_PERMISSION_URL_NOT_NULL(401015, "菜单权限的url不能为空"),
     OPERATION_MENU_PERMISSION_URL_PERMS_NULL(401016, "菜单权限的标识符不能为空"),
     ROLE_ERROR(401017, "账号角色被删，请联系管理员添加角色后再试"),
-    EXCEL_FILE_NULL(40006, "导入失败，导入数据为空！")
+    EXCEL_FILE_NULL(40006, "导入失败，导入数据为空！"),
+
+    DATA_DOES_NOT_EXIST(500, "当前数据不存在"),
+    XSS_FILTER(400, "xss攻击检查：参数含有非法攻击字符，请修改后继续操作！"),
+    SQL_FILTER(400, "sql攻击检查：参数含有非法攻击字符，请修改后继续操作！"),
     ;
 
     /**

src/main/java/com/huoran/iasf/common/exception/handler/RestExceptionHandler.java

@@ -1,20 +1,28 @@
 package com.huoran.iasf.common.exception.handler;
 
+import com.alibaba.fastjson.JSONException;
 import com.google.common.collect.Maps;
 import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.EncryptRequestException;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.UnauthorizedException;
 import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.R;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authz.AuthorizationException;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.converter.HttpMessageNotReadableException;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 
 import javax.validation.ConstraintViolation;
 import javax.validation.ConstraintViolationException;
+import javax.validation.ValidationException;
 import java.util.HashMap;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicReference;
@@ -34,12 +42,35 @@ public class RestExceptionHandler {
      * 系统繁忙，请稍候再试"
      */
     @ExceptionHandler(Exception.class)
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
     public R handleException(Exception e) {
         log.error("Exception,exception:{}", e, e);
         return R.getResult(BaseResponseCode.SYSTEM_BUSY);
     }
 
+    @ExceptionHandler(IllegalArgumentException.class)
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public R illegalArgumentException(IllegalArgumentException e) {
+        log.error("Exception,exception:{}", e, e);
+        return R.getResult(BaseResponseCode.METHOD_ARGUMENT_NOT_VALID_EXCEPTION);
+    }
+
+    @ExceptionHandler(EncryptRequestException.class)
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public R encryptRequestException(EncryptRequestException e) {
+        log.error("Exception,exception:{}", e, e);
+        return R.getResult(BaseResponseCode.METHOD_ARGUMENT_NOT_VALID_EXCEPTION);
+    }
+
+    @ExceptionHandler(HttpMessageNotReadableException.class)
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
+    public R illegalArgumentException(JSONException e) {
+        log.error("Exception,exception:{}", e, e);
+        return R.getResult(BaseResponseCode.ILLEGAL_CHARACTERS);
+    }
+
     @ExceptionHandler(AuthenticationException.class)
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
     public R authenticationException(AuthenticationException e) {
         log.error("Exception,exception:{}", e, e);
 //        throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
@@ -50,16 +81,37 @@ public class RestExceptionHandler {
      * 自定义全局异常处理
      */
     @ExceptionHandler(value = BusinessException.class)
+    @ResponseStatus(HttpStatus.OK)
     public R businessExceptionHandler(BusinessException e) {
         log.error("Exception,exception:{}", e, e);
         BaseResponseCode em = e.getBaseResponseCode();
         return new R(em.getCode(), em.getMsg());
     }
 
+    /**
+     * 权限全局异常处理
+     */
+    @ExceptionHandler(value = UnauthorizedException.class)
+//    @ResponseStatus(HttpStatus.UNAUTHORIZED)
+    public R businessExceptionHandler(UnauthorizedException e) {
+        log.error("Exception,exception:{}", e, e);
+        BaseResponseCode em = e.getBaseResponseCode();
+        return new R(em.getCode(), em.getMsg());
+    }
+
+    @ExceptionHandler(value = NotFoundException.class)
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    public R businessExceptionHandler(NotFoundException e) {
+        log.error("Exception,exception:{}", e, e);
+        BaseResponseCode em = e.getBaseResponseCode();
+        return new R(em.getCode(), em.getMsg());
+    }
+
     /**
      * 没有权限 返回403视图
      */
     @ExceptionHandler(value = AuthorizationException.class)
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
     public R errorPermission(AuthorizationException e) {
         log.error("Exception,exception:{}", e, e);
         return new R(BaseResponseCode.UNAUTHORIZED_ERROR);
@@ -70,6 +122,7 @@ public class RestExceptionHandler {
      * 处理参数格式校验异常
      */
     @ExceptionHandler(value = MethodArgumentNotValidException.class)
+    @ResponseStatus(HttpStatus.METHOD_NOT_ALLOWED)
     public R handleValidException(MethodArgumentNotValidException e){
         log.error("参数格式校验异常");
         BindingResult bindingResult = e.getBindingResult();
@@ -87,6 +140,7 @@ public class RestExceptionHandler {
      * 处理Validated List<entity> 异常
      */
     @ExceptionHandler
+    @ResponseStatus(HttpStatus.BAD_REQUEST)
     public R handle(ConstraintViolationException exception) {
         log.error("methodArgumentNotValidExceptionHandler bindingResult.allErrors():{},exception:{}", exception, exception);
         Set<ConstraintViolation<?>> violations = exception.getConstraintViolations();
@@ -98,4 +152,11 @@ public class RestExceptionHandler {
         return R.getResult(BaseResponseCode.METHOD_ARGUMENT_NOT_VALID_EXCEPTION.getCode(), builder.toString());
     }
 
+    @ExceptionHandler
+    @ResponseStatus(HttpStatus.NOT_FOUND)
+    public R handle(ValidationException e) {
+        log.error("Exception,exception:{}", e, e);
+        return new R(404, e.getMessage());
+    }
+
 }

src/main/java/com/huoran/iasf/common/filter/AuthFilter.java

@@ -2,6 +2,7 @@ package com.huoran.iasf.common.filter;
 
 
 import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.UnauthorizedException;
 import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.Constant;
 import io.jsonwebtoken.Claims;
@@ -9,19 +10,17 @@ import io.jsonwebtoken.Jwts;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
-import org.springframework.context.annotation.Configuration;
+import org.apache.shiro.subject.Subject;
 import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
+import org.springframework.http.MediaType;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
 import java.util.Arrays;
 
 import static com.huoran.iasf.service.HttpApiSessionService.*;
-import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 
 /**
  * shiro过滤器 登录用户权限认证授权
@@ -46,13 +45,6 @@ public class AuthFilter implements Filter {
     @SneakyThrows
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)  {
         //每一次的请求先校验cookie
-//        HttpServletResponse httpResponse = (HttpServletResponse) response;
-//        HttpServletRequest httpRequest = (HttpServletRequest) request;
-//        httpResponse.setHeader("Access-Control-Allow-Origin", httpRequest.getHeader("Origin"));
-//        httpResponse.setHeader("Access-Control-Allow-Methods", httpRequest.getMethod());
-//        httpResponse.setHeader("Access-Control-Max-Age", "3600");
-//        httpResponse.setHeader("Access-Control-Allow-Headers", httpRequest.getHeader("Access-Control-Request-Headers"));
-//        chain.doFilter(request, response);
 
         HttpServletRequest req = (HttpServletRequest) request;
         HttpServletResponse resp = (HttpServletResponse) response;
@@ -75,16 +67,22 @@ public class AuthFilter implements Filter {
             }
             //token为空返回
             if (StringUtils.isBlank(token)) {
-                request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
+                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                resp.setCharacterEncoding("utf-8");
+                resp.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                request.setAttribute("filterError", new UnauthorizedException(BaseResponseCode.TOKEN_ERROR));
                 // 指定处理该请求的处理器
-                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
+                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, resp);
             }
             //  校验并解析token，如果token过期或者篡改，则会返回null
             Claims claims = checkJWT(token);
             if (null == claims) {
-                request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
+                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                resp.setCharacterEncoding("utf-8");
+                resp.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                request.setAttribute("filterError", new UnauthorizedException(BaseResponseCode.TOKEN_ERROR));
                 // 指定处理该请求的处理器
-                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
+                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, resp);
             }else {
                 //  校验通过后，设置用户信息到request里，在Controller中从Request域中获取用户信息
                 request.setAttribute(USER_ID_KEY, claims.get(USER_ID_KEY));

src/main/java/com/huoran/iasf/common/filter/XSSFilter.java

@@ -0,0 +1,56 @@
+package com.huoran.iasf.common.filter;
+
+import org.apache.commons.lang.StringUtils;
+import org.springframework.core.annotation.Order;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+@WebFilter(filterName = "xssFilter", urlPatterns = "/*", asyncSupported = true)
+@Order(2)
+public class XSSFilter implements Filter {
+
+    @Override
+    public void init(FilterConfig filterConfig1) throws ServletException {
+
+    }
+
+
+    @Override
+    public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
+            throws IOException, ServletException {
+
+        //注入xss过滤器实例
+        if(arg2 != null){
+            HttpServletRequest req = (HttpServletRequest) arg0;
+            String method = req.getMethod();
+            boolean methodB = false;
+            if("POST".equalsIgnoreCase(method) || "PUT".equalsIgnoreCase(method)){
+                methodB = true;
+            }
+
+            if (methodB && req.getContentType() != null && req.getContentType().startsWith("multipart/")) {
+                // 过滤
+                arg2.doFilter(req, arg1);
+            }else {
+                HttpServletResponse response = (HttpServletResponse) arg1;
+                XssHttpServletRequestWrapper reqW = new XssHttpServletRequestWrapper(req);
+                //过滤
+                arg2.doFilter(reqW, response);
+            }
+        }
+
+    }
+
+    @Override
+    public void destroy() {
+    }
+
+
+}

src/main/java/com/huoran/iasf/common/filter/XssHttpServletRequestWrapper.java

@@ -0,0 +1,265 @@
+package com.huoran.iasf.common.filter;
+
+import com.alibaba.fastjson.JSONObject;
+import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.jsoup.Jsoup;
+import org.jsoup.nodes.Document;
+import org.jsoup.safety.Safelist;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.*;
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.regex.Pattern;
+
+@Slf4j
+public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
+
+    /**
+     * post请求体
+     */
+    private byte[] body;
+
+    /**
+     * 是否是文件上传
+     */
+    private boolean fileUpload = true;
+
+    //富文本验证链接
+    private static final String[] whiteList =
+            {"/iasf/sysContent/save",
+                    "/iasf/sysContent/update"};
+
+    /**
+     * sql注入正则
+     */
+    private static String badStrReg =
+            "\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
+
+    /**
+     * xss脚本正则
+     */
+    private final static Pattern[] scriptPatterns = {
+            Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("src[\r\n]*=[\r\n]*\\\'(.*?)\\\'", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
+            Pattern.compile("</script>", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("<script(.*?)>", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
+            Pattern.compile("eval\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
+            Pattern.compile("expression\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL),
+            Pattern.compile("javascript:", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("script", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("ScriPT", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("meta", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("vbscript:", Pattern.CASE_INSENSITIVE),
+            Pattern.compile("onload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)
+    };
+
+    public XssHttpServletRequestWrapper() {
+        super(null);
+    }
+
+    /**
+     * 构造函数 - 获取post请求体
+     * @param httpservletrequest
+     * @throws IOException
+     */
+    public XssHttpServletRequestWrapper(HttpServletRequest httpservletrequest) throws IOException {
+        super(httpservletrequest);
+        String sessionStream = getBodyString(httpservletrequest);
+        body = sessionStream.getBytes(StandardCharsets.UTF_8);
+        System.out.println(httpservletrequest.getRequestURI());
+        if(Arrays.asList(whiteList).contains(httpservletrequest.getRequestURI())){
+            fileUpload = false;
+        }
+    }
+
+    /**
+     * 读取post请求体
+     * @param httpservletrequest
+     * @return
+     * @throws IOException
+     */
+    private String getBodyString(HttpServletRequest httpservletrequest) throws IOException {
+        StringBuilder sb = new StringBuilder();
+        InputStream ins = httpservletrequest.getInputStream();
+        try (BufferedReader isr = new BufferedReader(new InputStreamReader(ins, StandardCharsets.UTF_8));) {
+            String line = "";
+            while ((line = isr.readLine()) != null) {
+                sb.append(line);
+            }
+        } catch (IOException e) {
+            throw e;
+        }
+        return sb.toString();
+    }
+
+    /**
+     * 过滤springmvc中的 @RequestParam 注解中的参数
+     * @param s
+     * @return
+     */
+    @Override
+    public String[] getParameterValues(String s) {
+        String[] str = super.getParameterValues(s);
+        if (str == null) {
+            return null;
+        }
+        int i = str.length;
+        String[] as1 = new String[i];
+        for (int j = 0; j < i; j++) {
+            as1[j] = cleanXSS(cleanSQLInject(str[j]));
+        }
+//        log.info("XssHttpServletRequestWrapper净化后的请求为：========== {}", Arrays.toString(as1));
+        return as1;
+    }
+
+    /**
+     * 过滤request.getParameter的参数
+     * @param s
+     * @return
+     */
+    @Override
+    public String getParameter(String s) {
+        String s1 = super.getParameter(s);
+        if (s1 == null) {
+            return null;
+        } else {
+            String s2 = cleanXSS(cleanSQLInject(s1));
+//            log.info("XssHttpServletRequestWrapper净化后的请求为：========== {}",  s2);
+            return s2;
+        }
+    }
+
+
+    /**
+     * 过滤请求体 json 格式的
+     * @return
+     * @throws IOException
+     */
+    @Override
+    public ServletInputStream getInputStream() throws IOException {
+        // 非文件上传进行过滤
+        if (!fileUpload) {
+
+            try {
+                // 解析请求体为字符串
+                String bodyStr = new String(body, StandardCharsets.UTF_8);
+
+                // 清理HTML，只允许安全的元素和属性
+                Safelist safelist = Safelist.basicWithImages(); // 自定义safelist
+                String safeHtml = Jsoup.clean(bodyStr, "", safelist, new Document.OutputSettings().prettyPrint(false));
+                cleanSQLInject(safeHtml);
+
+            } catch (Exception e) {
+                // 处理解析或处理过程中的任何异常
+                log.error("Error processing request body {}",  e.getMessage());
+            }
+        }
+        // 将请求体参数流转 -- 流读取一次就会消失,所以我们事先读取之后就存在byte数组里边方便流转
+        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
+        return new ServletInputStream() {
+
+            @Override
+            public int read() throws IOException {
+                return bais.read();
+            }
+
+            @Override
+            public boolean isFinished() {
+                return false;
+            }
+
+            @Override
+            public boolean isReady() {
+                return false;
+            }
+
+            @Override
+            public void setReadListener(ReadListener readListener) {
+            }
+        };
+    }
+
+
+    public String cleanXSS(String src) {
+        if (StringUtils.isBlank(src)) {
+            return src;
+        }
+
+        // 创建一个允许的HTML标签和属性的Safelist
+        Safelist safelist = Safelist.relaxed() // 允许大多数基本的HTML标签和属性
+                .addTags("img") // 添加额外的标签，如img（记得添加允许的属性，如src和alt）
+                .addAttributes("*", "class") // 允许所有标签使用"class"属性
+                .addAttributes("img", "src", "alt") // 允许img标签的src和alt属性
+                .addProtocols("img", "src", "http", "https") // 只允许http和https协议的src
+                ; // 移除协议相对URL，避免安全问题
+
+        // 使用JSoup进行清理
+        Document document = Jsoup.parseBodyFragment(src, ""); // 解析HTML片段
+        document.outputSettings(new Document.OutputSettings().prettyPrint(false)); // 禁止美化输出，保持原始结构
+        String html = document.html();
+        String clean = Jsoup.clean(html, "", safelist);// 使用Safelist进行清理
+
+        return clean; // 返回清理后的HTML字符串
+    }
+
+    /**
+     * 清除xss
+     * @param src 单个参数
+     * @return
+     */
+    /*public String cleanXSS(String src) {
+        if(StringUtils.isBlank(src)){
+            return src;
+        }
+        String temp = src;
+        // 校验xss脚本
+        for (Pattern pattern : scriptPatterns) {
+            temp = pattern.matcher(temp).replaceAll("");
+        }
+        // 校验xss特殊字符 匹配一个空白字符（包括空格、制表符、换页符和换行符等）//这个可以不用，因为有写数据用富文本编辑的时候有换行
+//        temp = temp.replaceAll("\0|\n|\r", "");
+        temp = temp.replaceAll("<", "<").replaceAll(">", ">");
+
+        if (!temp.equals(src)) {
+
+            log.error("xss攻击检查：参数含有非法攻击字符，已禁止继续访问！");
+            log.error("原始输入信息-->" + temp);
+
+            throw new BusinessException(BaseResponseCode.XSS_FILTER);
+        }
+
+        return src;
+    }*/
+
+    /**
+     * 过滤sql注入 -- 需要增加通配，过滤大小写组合
+     * @param src 单个参数值
+     * @return
+     */
+    public String cleanSQLInject(String src) {
+        if(StringUtils.isBlank(src)){
+            return src;
+        }
+        String cleanedText = Jsoup.clean(src, Safelist.basic());
+
+        String SQL_KEYWORD_PATTERN =
+                "(?i)(?:(?!<[^>]*?>))((select|update|insert|delete|drop|create|alter|exec|union|table|database)[^a-zA-Z0-9])";
+
+        // 过滤SQL关键字
+        cleanedText = cleanedText.replaceAll(SQL_KEYWORD_PATTERN, "");
+        // 非法sql注入正则
+//        Pattern sqlPattern = Pattern.compile(badStrReg, Pattern.CASE_INSENSITIVE);
+//        if (sqlPattern.matcher(src.toLowerCase()).find()) {
+//            log.error("sql注入检查：输入信息存在SQL攻击！");
+//            throw new BusinessException(BaseResponseCode.SQL_FILTER);
+//        }
+        return cleanedText;
+    }
+}

src/main/java/com/huoran/iasf/common/shiro/CustomAccessControlFilter.java

@@ -2,6 +2,7 @@ package com.huoran.iasf.common.shiro;
 
 import com.alibaba.fastjson.JSON;
 import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.UnauthorizedException;
 import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.Constant;
 import com.huoran.iasf.common.utils.R;
@@ -15,6 +16,7 @@ import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.AccessControlFilter;
 import org.apache.shiro.web.util.WebUtils;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.RequestMethod;
 
@@ -23,6 +25,7 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.charset.StandardCharsets;
@@ -65,6 +68,7 @@ public class CustomAccessControlFilter extends AccessControlFilter {
     protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
 //        try {
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
             Subject subject = getSubject(servletRequest, servletResponse);
             System.out.println(subject.isAuthenticated() + "");
             System.out.println(HttpContextUtils.isAjaxRequest(request));
@@ -78,19 +82,26 @@ public class CustomAccessControlFilter extends AccessControlFilter {
                 token = request.getParameter(Constant.ACCESS_TOKEN);
             }
             if (StringUtils.isEmpty(token)) {
-                request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.setCharacterEncoding("utf-8");
+                response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                request.setAttribute("filterError", new UnauthorizedException(BaseResponseCode.TOKEN_ERROR));
                 // 指定处理该请求的处理器
-                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse);
+                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
             }
             //  校验并解析token，如果token过期或者篡改，则会返回null
             Claims claims = checkJWT(token);
             if (null == claims) {
-                request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.setCharacterEncoding("utf-8");
+                response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                request.setAttribute("filterError", new UnauthorizedException(BaseResponseCode.TOKEN_ERROR));
                 // 指定处理该请求的处理器
-                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse);
+                request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, response);
             }else {
+                Subject subject1 = getSubject(servletRequest, servletResponse);
                 UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(token, token);
-                getSubject(servletRequest, servletResponse).login(usernamePasswordToken);
+                subject1.login(usernamePasswordToken);
             }
         return true;
     }

src/main/java/com/huoran/iasf/common/shiro/CustomHashedCredentialsMatcher.java

@@ -31,7 +31,8 @@ public class CustomHashedCredentialsMatcher extends SimpleCredentialsMatcher {
         String accessToken = (String) token.getPrincipal();
         if (!redisDb.exists(userTokenPrefix + accessToken)) {
             SecurityUtils.getSubject().logout();
-            throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
+//            throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
+            return false;
         }
         return true;
     }

src/main/java/com/huoran/iasf/common/shiro/CustomRealm.java

@@ -13,6 +13,7 @@ import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authz.AuthorizationException;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
@@ -61,11 +62,12 @@ public class CustomRealm extends AuthorizingRealm {
 
         String sessionInfoStr = redisDb.get(userTokenPrefix + principalCollection.getPrimaryPrincipal());
         if (StringUtils.isEmpty(sessionInfoStr)) {
-            throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
+//            throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
+            throw new AuthorizationException();
         }
         JSONObject redisSession = JSON.parseObject(sessionInfoStr);
         if (redisSession == null) {
-            throw new BusinessException(BaseResponseCode.TOKEN_ERROR);
+            throw new AuthorizationException();
         }
 
         if (redisSession.get(Constant.ROLES_KEY) != null) {

src/main/java/com/huoran/iasf/common/shiro/ShiroConfig.java

@@ -141,8 +141,14 @@ public class ShiroConfig {
         filterChainDefinitionMap.put("/sysColumn/getTheFullArticleByColumn", "anon");
         filterChainDefinitionMap.put("/sys/exportFailure", "anon");
         filterChainDefinitionMap.put("/sysColumnLongPage/getRedisCache", "anon");
+        filterChainDefinitionMap.put("/content/classification/allTheQuery", "anon");
+        filterChainDefinitionMap.put("/sysColumn/getsSublevelColumnsUnderALevel", "anon");
+        filterChainDefinitionMap.put("/sysFiles/upload", "anon");
+        filterChainDefinitionMap.put("/seo/list", "anon");
+        filterChainDefinitionMap.put("/sysContent/queryArticleColumnParent", "anon");
+
         /*filterChainDefinitionMap.put("/index/**", "anon");
-        filterChainDefinitionMap.put("/doc.html", "anon");
+        filterChainDefinitionMap.put("/iasf/doc.html", "anon");
         filterChainDefinitionMap.put("/swagger-resources/**", "anon");
         filterChainDefinitionMap.put("/v2/api-docs", "anon");
         filterChainDefinitionMap.put("/v2/api-docs-ext", "anon");
@@ -150,7 +156,7 @@ public class ShiroConfig {
         filterChainDefinitionMap.put("/static/**", "anon");
         filterChainDefinitionMap.put("/webjars/**", "anon");
         filterChainDefinitionMap.put("/druid/**", "anon");
-        filterChainDefinitionMap.put("/favicon.ico", "anon");
+        filterChainDefinitionMap.put("/iasf/favicon.ico", "anon");
         filterChainDefinitionMap.put("/captcha.jpg", "anon");
         filterChainDefinitionMap.put("/csrf", "anon");
         //文件上传可直接访问
@@ -180,6 +186,5 @@ public class ShiroConfig {
         return authorizationAttributeSourceAdvisor;
     }
 
-
 }
 

src/main/java/com/huoran/iasf/common/utils/Base64Util.java

@@ -0,0 +1,31 @@
+package com.huoran.iasf.common.utils;
+
+import org.apache.commons.codec.binary.Base64;
+
+/**
+ * Base64
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+public class Base64Util{
+
+    /**
+     * Decoding to binary
+     * @param base64 base64
+     * @return byte
+     * @throws Exception Exception
+     */
+    public static byte[] decode(String base64) throws Exception {
+        return Base64.decodeBase64(base64);
+    }
+
+    /**
+     * Binary encoding as a string
+     * @param bytes byte
+     * @return String
+     * @throws Exception Exception
+     */
+    public static String encode(byte[] bytes) throws Exception {
+        return new String(Base64.encodeBase64(bytes));
+    }
+}

src/main/java/com/huoran/iasf/common/utils/JsonUtils.java

@@ -0,0 +1,30 @@
+package com.huoran.iasf.common.utils;
+
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import java.io.IOException;
+
+/**
+ * @author imyzt
+ * @date 2020/06/08
+ * @description JSON 工具类
+ */
+public class JsonUtils {
+
+    private JsonUtils() {
+    }
+
+    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+    public static JsonNode getNode(String content, String key) throws IOException {
+        JsonNode jsonNode = OBJECT_MAPPER.readTree(content);
+        return jsonNode.get(key);
+    }
+
+    public static String writeValueAsString(Object body) throws JsonProcessingException {
+        return OBJECT_MAPPER.writeValueAsString(body);
+    }
+}

src/main/java/com/huoran/iasf/common/utils/R.java

@@ -5,6 +5,8 @@ import com.huoran.iasf.common.exception.code.ResponseCodeInterface;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
+
 /**
  * 返回值R
  *
@@ -13,7 +15,9 @@ import lombok.Data;
  * @date 2022年7月28日
  */
 @Data
-public class R {
+public class R implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
 
     /**
      * 请求响应code，0为成功 其他为失败

src/main/java/com/huoran/iasf/common/utils/RSAUtil.java

@@ -0,0 +1,103 @@
+package com.huoran.iasf.common.utils;
+
+import javax.crypto.Cipher;
+import java.io.ByteArrayOutputStream;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+/**
+ * RSA Util
+ * Author:Bobby
+ * DateTime:2019/4/9
+ **/
+public class RSAUtil{
+
+    /**
+     * encryption algorithm RSA
+     */
+    public static final String KEY_ALGORITHM = "RSA";
+
+    /**
+     * RSA Maximum Encrypted Plaintext Size
+     */
+    private static final int MAX_ENCRYPT_BLOCK = 117;
+
+    /**
+     * RSA Maximum decrypted ciphertext size
+     */
+    private static final int MAX_DECRYPT_BLOCK = 256;
+
+    /**
+     * encryption
+     * @param data data
+     * @param publicKey publicKey
+     * @return byte
+     * @throws Exception Exception
+     */
+    public static byte[] encrypt(byte[] data, String publicKey)
+            throws Exception {
+        byte[] keyBytes = Base64Util.decode(publicKey);
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key publicK = keyFactory.generatePublic(x509KeySpec);
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.ENCRYPT_MODE, publicK);
+        int inputLen = data.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // Sectional Encryption of Data
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
+                cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(data, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_ENCRYPT_BLOCK;
+        }
+        byte[] encryptedData = out.toByteArray();
+        out.close();
+        return encryptedData;
+    }
+
+    /**
+     * Decrypt
+     * @param text text
+     * @param privateKey privateKey
+     * @return byte
+     * @throws Exception Exception
+     */
+    public static byte[] decrypt(byte[] text, String privateKey)
+            throws Exception {
+        byte[] keyBytes = Base64Util.decode(privateKey);
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.DECRYPT_MODE, privateK);
+        int inputLen = text.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // Sectional Encryption of Data
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
+                cache = cipher.doFinal(text, offSet, MAX_DECRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(text, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_DECRYPT_BLOCK;
+        }
+        byte[] decryptedData = out.toByteArray();
+        out.close();
+        return decryptedData;
+    }
+}

src/main/java/com/huoran/iasf/common/utils/fileUploadUtils.java

@@ -0,0 +1,119 @@
+package com.huoran.iasf.common.utils;
+
+import com.huoran.iasf.common.exception.BusinessException;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+
+import static com.huoran.iasf.common.exception.code.BaseResponseCode.UPLOAD_FAILED;
+
+/**
+ * 文件上传校验工具类
+ **/
+public class fileUploadUtils {
+
+
+    // 缓存文件魔数值
+    public static final HashMap<String, String> mFileTypes = new HashMap<String, String>();
+
+    static {
+        mFileTypes.put("FFD8FFE0", "jpg");
+        mFileTypes.put("89504E47", "png");
+        mFileTypes.put("47494638", "gif");
+//        mFileTypes.put("49492A00", "tif");
+//        mFileTypes.put("424D", "bmp");
+//        mFileTypes.put("38425053", "psd");
+//        mFileTypes.put("3C3F786D6C", "xml");
+//        mFileTypes.put("68746D6C3E", "html");
+        mFileTypes.put("D0CF11E0", "doc");
+        mFileTypes.put("D0CF11E0", "xls");//excel2003版本文件
+        mFileTypes.put("6D6F6F76", "mov");
+        mFileTypes.put("504B0304", "xlsx");//excel2007以上版本文件
+//        mFileTypes.put("5374616E64617264204A", "mdb");
+        mFileTypes.put("255044462D312E", "pdf");
+        mFileTypes.put("504B0304", "docx");
+        mFileTypes.put("00000020667479706D70","MP4");
+        mFileTypes.put("49443303000000002176","MP3");
+//        mFileTypes.put("52617221", "rar");
+//        mFileTypes.put("41564920", "avi");
+    }
+
+
+    /**
+     * 文件上传校验
+     *
+     * @param file             上传的文件
+     * @param allowedExtension 允许上传的文件后缀集合
+     * @throws Exception
+     */
+    public static final void assertAllowed(MultipartFile file, String[] allowedExtension) throws Exception {
+
+        //通过文件魔数获取文件的原始类型
+        String fileExtension = mFileTypes.get(getFileHeader(file));
+        //原始类型与允许类型集合进行比较，判断文件是否合法
+        if (!isAllowedExtension(fileExtension, allowedExtension)) {
+            throw new BusinessException(UPLOAD_FAILED);
+        }
+    }
+
+    /**
+     * 获取文件魔数值
+     *
+     * @param file
+     * @return
+     */
+    public static String getFileHeader(MultipartFile file) {
+        InputStream is = null;
+        String value = null;
+        try {
+            is = file.getInputStream();
+            byte[] b = new byte[4];
+            is.read(b, 0, b.length);
+            value = bytesToHexString(b);
+        } catch (Exception e) {
+        } finally {
+            if (null != is) {
+                try {
+                    is.close();
+                } catch (IOException e) {
+                }
+            }
+        }
+        return value;
+    }
+
+    private static String bytesToHexString(byte[] src) {
+        StringBuilder builder = new StringBuilder();
+        if (src == null || src.length <= 0) {
+            return null;
+        }
+        String hv;
+        for (int i = 0; i < src.length; i++) {
+            hv = Integer.toHexString(src[i] & 0xFF).toUpperCase();
+            if (hv.length() < 2) {
+                builder.append(0);
+            }
+            builder.append(hv);
+        }
+        System.out.println("文件魔数值为：" + builder.toString());
+        return builder.toString();
+    }
+
+    /**
+     * 判断MIME类型是否是允许的MIME类型
+     *
+     * @param extension
+     * @param allowedExtension
+     * @return
+     */
+    public static final boolean isAllowedExtension(String extension, String[] allowedExtension) {
+        for (String str : allowedExtension) {
+            if (str.equalsIgnoreCase(extension)) {
+                return true;
+            }
+        }
+        return false;
+    }
+}

src/main/java/com/huoran/iasf/controller/DeptController.java

@@ -1,5 +1,6 @@
 package com.huoran.iasf.controller;
 
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.LogAnnotation;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.utils.R;
@@ -16,6 +17,9 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 
 /**
  * 部门管理
@@ -31,11 +35,18 @@ public class DeptController {
     @Resource
     private DeptService deptService;
     @NoRepeatSubmit
+    @Decrypt
     @PostMapping("/dept")
     @ApiOperation(value = "新增组织接口")
     @LogAnnotation(title = "机构管理", action = "新增组织")
     @RequiresPermissions("sys:dept:add")
-    public R addDept(@RequestBody @Valid SysDept vo) {
+    public R addDept(@RequestBody @Valid SysDept vo) throws UnsupportedEncodingException {
+        //中文转码
+        String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString());
+        vo.setName(name);
+
+        String pidName = URLDecoder.decode(vo.getPidName(), StandardCharsets.UTF_8.toString());
+        vo.setPidName(pidName);
         boolean ok = deptService.checkDeptRepeat(vo);
         if (ok) {
             return R.fail("同级下已存在相同的名称:" + vo.getName());
@@ -44,23 +55,31 @@ public class DeptController {
         return R.success();
     }
 
-    @DeleteMapping("/dept/{id}")
+    @PostMapping("/deleteDept")
     @ApiOperation(value = "删除组织接口")
+    @Decrypt
     @LogAnnotation(title = "机构管理", action = "删除组织")
     @RequiresPermissions("sys:dept:deleted")
-    public R deleted(@PathVariable("id") String id) {
+    public R deleted(@RequestBody String id) {
         deptService.deleted(id);
         return R.success();
     }
 
-    @PutMapping("/dept")
+    @PostMapping("/updateDept")
+    @Decrypt
     @ApiOperation(value = "更新组织信息接口")
     @LogAnnotation(title = "机构管理", action = "更新组织信息")
     @RequiresPermissions("sys:dept:update")
-    public R updateDept(@RequestBody SysDept vo) {
+    public R updateDept(@RequestBody SysDept vo) throws UnsupportedEncodingException {
         if (StringUtils.isEmpty(vo.getId())) {
             return R.fail("id不能为空");
         }
+        //中文转码
+        String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString());
+        vo.setName(name);
+
+        String pidName = URLDecoder.decode(vo.getPidName(), StandardCharsets.UTF_8.toString());
+        vo.setPidName(pidName);
         boolean ok = deptService.checkDeptRepeat(vo);
         if (ok) {
             return R.fail("同级下已存在相同的名称:" + vo.getName());
@@ -80,7 +99,7 @@ public class DeptController {
     @GetMapping("/dept/tree")
     @ApiOperation(value = "树型组织列表接口",response = DeptRespNodeVO.class)
     @LogAnnotation(title = "部门管理", action = "树型组织列表")
-//    @RequiresPermissions(value = {"sys:user:list", "sys:user:update", "sys:user:add", "sys:dept:add", "sys:dept:update"}, logical = Logical.OR)
+    @RequiresPermissions(value = {"sys:user:list", "sys:user:update", "sys:user:add", "sys:dept:add", "sys:dept:update"}, logical = Logical.OR)
     public R getTree(
             @ApiParam(name = "deptId", value = "部门id",required = false)
             @RequestParam(required = false) String deptId) {

src/main/java/com/huoran/iasf/controller/ExceptionController.java

@@ -1,6 +1,7 @@
 package com.huoran.iasf.controller;
 
 import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.UnauthorizedException;
 import com.huoran.iasf.common.utils.Constant;
 import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -18,7 +19,7 @@ public class ExceptionController {
     @RequestMapping(Constant.ERROR_CONTROLLER_PATH)
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
     public void handleException(HttpServletRequest request){
-        throw (BusinessException) request.getAttribute("filterError");
+        throw (UnauthorizedException) request.getAttribute("filterError");
     }
 }
 

src/main/java/com/huoran/iasf/controller/RoleController.java

@@ -3,6 +3,7 @@ package com.huoran.iasf.controller;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.LogAnnotation;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.utils.R;
@@ -22,6 +23,9 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -44,7 +48,7 @@ public class RoleController {
     @Resource
     private HttpSessionService httpSessionService;
     @NoRepeatSubmit
-    @PostMapping("/role")
+    @PostMapping("/addRole")
     @ApiOperation(value = "新增角色接口")
     @LogAnnotation(title = "角色管理", action = "新增角色")
     @RequiresPermissions("sys:role:add")
@@ -67,16 +71,17 @@ public class RoleController {
         return R.success();
     }
 
-    @DeleteMapping("/role/deleted")
+    @PostMapping("/role/deleted")
     @ApiOperation(value = "删除角色接口")
+    @Decrypt
     @LogAnnotation(title = "角色管理", action = "删除角色")
     @RequiresPermissions("sys:role:deleted")
-    public R deleted(@RequestBody @ApiParam(value = "id集合") List<Integer> ids) {
+    public R deleted(@RequestBody @ApiParam(value = "id集合") List<String> ids) {
         roleService.deletedRole(ids);
         return R.success();
     }
 
-    @PutMapping("/role")
+    @PostMapping("/updateRole")
     @ApiOperation(value = "更新角色信息接口")
     @LogAnnotation(title = "角色管理", action = "更新角色信息")
     @RequiresPermissions("sys:role:update")
@@ -92,11 +97,12 @@ public class RoleController {
         return R.success();
     }
 
-    @GetMapping("/role/{id}")
+    @PostMapping("/role")
+    @Decrypt
     @ApiOperation(value = "查询角色详情接口")
     @LogAnnotation(title = "角色管理", action = "查询角色详情")
-//    @RequiresPermissions("sys:role:detail")
+    @RequiresPermissions("sys:role:detail")
-    public R detailInfo(@PathVariable("id") String id) {
+    public R detailInfo(@RequestBody Integer id) {
         // return R.success(roleService.detailInfo(id));
         SysRole role = roleService.getById(id);
         QueryWrapper<SysRolePermission> wrapper = new QueryWrapper<>();
@@ -113,11 +119,17 @@ public class RoleController {
     }
 
     @PostMapping("/roles")
+    @Decrypt
     @ApiOperation(value = "分页获取角色信息接口")
     @LogAnnotation(title = "角色管理", action = "分页获取角色信息")
     @RequiresPermissions("sys:role:list")
     @SuppressWarnings("unchecked")
-    public R pageInfo(@RequestBody SysRole vo) {
+    public R pageInfo(@RequestBody SysRole vo) throws UnsupportedEncodingException {
+        if (!StringUtils.isEmpty(vo.getName())) {
+            //中文转码
+            String name = URLDecoder.decode(vo.getName(), StandardCharsets.UTF_8.toString());
+            vo.setName(name);
+        }
         LambdaQueryWrapper<SysRole> queryWrapper = Wrappers.lambdaQuery();
         if (!StringUtils.isEmpty(vo.getName())) {
             queryWrapper.like(SysRole::getName, vo.getName());

src/main/java/com/huoran/iasf/controller/SeoController.java

@@ -0,0 +1,76 @@
+package com.huoran.iasf.controller;
+
+
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.huoran.iasf.common.aop.annotation.LogAnnotation;
+import com.huoran.iasf.common.utils.R;
+import com.huoran.iasf.entity.Seo;
+import com.huoran.iasf.entity.Site;
+import com.huoran.iasf.service.SeoService;
+import com.huoran.iasf.service.SiteService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+/**
+ * <p>
+ *  前端控制器
+ * </p>
+ *
+ * @author cheney
+ * @since 2023-08-24
+ */
+@Api(tags = "seo管理")
+@RestController
+@RequestMapping("/seo")
+public class SeoController {
+
+    @Autowired
+    private SeoService seoService;
+
+    @PostMapping("/add")
+    @ApiOperation(value = "新增seo")
+    public R addUserGroup(@RequestBody Seo seo) {
+        Seo one = seoService.getOne(new QueryWrapper<Seo>().
+                eq("title", seo.getTitle()));
+        if (ObjectUtil.isNotNull(one)){
+            R.fail("seo已存在");
+        }
+        boolean save = seoService.save(seo);
+        return save ? R.success() : R.fail("添加失败");
+    }
+
+    @PostMapping("/delete")
+    @ApiOperation(value = "删除seo")
+    public R deleted(@RequestParam Integer id) {
+        boolean remove = seoService.removeById(id);
+        return remove ? R.success() : R.fail("删除失败");
+    }
+
+    @PostMapping("/update")
+    @ApiOperation(value = "更新seo")
+    public R update(@RequestBody Seo seo) {
+        boolean update = seoService.updateById(seo);
+        return update ? R.success() : R.fail("更新失败");
+    }
+
+
+    @GetMapping("/list")
+    @ApiOperation(value = "站点seo列表")
+    public R list(@RequestParam Integer siteId) {
+        QueryWrapper<Seo> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("site_id",siteId);
+        List<Seo> list = seoService.list(queryWrapper);
+        return R.success(list);
+    }
+
+}
+

src/main/java/com/huoran/iasf/controller/SiteController.java

@@ -80,7 +80,7 @@ public class SiteController {
     @PostMapping("/list")
     @ApiOperation(value = "站点列表")
     @LogAnnotation(title = "站点管理", action = "获取所有站点")
-    @RequiresPermissions("sys:site:list")
+//    @RequiresPermissions("sys:site:list")
     public R getUserGroupAll(@RequestBody Site site) {
         LambdaQueryWrapper<Site> queryWrapper = Wrappers.lambdaQuery();
         if (!StringUtils.isEmpty(site.getSiteName())) {

src/main/java/com/huoran/iasf/controller/SysColumnController.java

@@ -2,17 +2,26 @@ package com.huoran.iasf.controller;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.Constant;
 import com.huoran.iasf.entity.*;
 import com.huoran.iasf.service.*;
 import com.huoran.iasf.vo.req.ColumnWeightReqVO;
+import com.huoran.iasf.vo.req.OneLevelChecksThemAll;
 import com.huoran.iasf.vo.req.PaginationColumnReqVO;
+import com.huoran.iasf.vo.req.SubLevelColumnsUnderALevel;
 import com.huoran.iasf.vo.resp.SortColumnRespVO;
 import io.swagger.annotations.*;
 import com.huoran.iasf.common.utils.R;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.Cacheable;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -22,8 +31,12 @@ import io.swagger.annotations.Api;
 import org.springframework.web.bind.annotation.RequestParam;
 import io.swagger.annotations.ApiOperation;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
 import java.lang.reflect.InvocationTargetException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
@@ -52,6 +65,9 @@ public class SysColumnController {
     @Autowired
     public SysTemplateStyleService styleService;
 
+    @Autowired
+    public SysColumnLongPageService sysColumnLongPageService;
+
     @Autowired
     public SysTemplateStyleConfigurationService templateStyleConfigurationService;
 
@@ -59,22 +75,32 @@ public class SysColumnController {
     public SysFilesService sysFilesService;
 
     @PostMapping("/listWithTree")
+    @Decrypt
     @ApiOperation(value = "栏目树结构", response = SysColumn.class)
-    public R listWithTree(@RequestBody @Validated PaginationColumnReqVO sysColumn) {
+    public R listWithTree(@RequestBody @Valid PaginationColumnReqVO sysColumn) throws UnsupportedEncodingException {
+        if (!StringUtils.isEmpty(sysColumn.getColumnName())) {
+            String columnName = URLDecoder.decode(sysColumn.getColumnName(), StandardCharsets.UTF_8.toString());
+            sysColumn.setColumnName(columnName);
+        }
         return R.success(service.listWithTree(sysColumn));
     }
 
     @PostMapping("/listWithTreeMenuVisible")
+    @Decrypt
     @ApiOperation(value = "栏目树结构(前台可见，只展示试单可见的栏目)", response = SysColumn.class)
-    public R listWithTreeMenuVisible(@RequestBody @Validated PaginationColumnReqVO sysColumn) {
+    public R listWithTreeMenuVisible(@RequestBody @Valid PaginationColumnReqVO sysColumn) {
         return R.success(service.listWithTreeMenuVisible(sysColumn));
     }
 
 
     @PostMapping("/findById")
+    @Decrypt
     @ApiOperation(value = "查询详情", response = SysColumn.class)
-    public R findById(@RequestParam("id") @ApiParam(value = "序号") Integer id) {
+    public R findById(@RequestBody @ApiParam(value = "序号") Integer id) {
         SysColumn sysColumn = service.getById(id);
+        if (sysColumn == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
         SysTemplateStyle sysTemplateStyle = styleService.getById(sysColumn.getListStyleId());
 
         if (sysTemplateStyle.getPath() != null) {
@@ -84,9 +110,10 @@ public class SysColumnController {
         return R.success(sysColumn);
     }
 
-    @NoRepeatSubmit
+//    @NoRepeatSubmit
     @PostMapping("/save")
     @ApiOperation(value = "新增", response = SysColumn.class)
+    @RequiresPermissions("sys:column:save")
     public R save(@RequestBody @Valid SysColumn sysColumn) {
         QueryWrapper<SysColumn> queryWrapper = new QueryWrapper<SysColumn>();
         queryWrapper.eq("father_id", sysColumn.getFatherId());
@@ -98,11 +125,14 @@ public class SysColumnController {
 
     @PostMapping("/update")
     @ApiOperation(value = "修改", response = SysColumn.class)
+    @RequiresPermissions("sys:column:update")
     public R update(@RequestBody SysColumn sysColumn) {
         boolean updateState = service.updateById(sysColumn);
+        service.removeArticles(sysColumn.getId());
         return updateState ? R.success() : R.fail("编辑失败");
     }
-    @NoRepeatSubmit
+
+    /*@NoRepeatSubmit
     @PostMapping("/delete")
     @ApiOperation(value = "删除", response = SysContent.class)
     public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
@@ -121,37 +151,81 @@ public class SysColumnController {
         contentService.removeByIds(contentId);
 
         return delState ? R.success() : R.fail("删除失败");
-    }
+    }*/
+
     @NoRepeatSubmit
+    @Decrypt
     @PostMapping("/batchDeletion")
     @ApiOperation(value = "批量删除栏目", response = SysColumn.class)
-    public R batchDeletion(@ApiParam(name = "ids", value = "主键", required = true) @RequestParam List<Integer> ids) {
+    @RequiresPermissions("sys:column:batchDeletion")
+    public R batchDeletion(@ApiParam(name = "ids", value = "主键", required = true) @RequestBody List<Integer> ids) {
+        boolean ret = false;
         for (Integer id : ids) {
             UpdateWrapper<SysFilesEntity> filesEntityUpdateWrapper = new UpdateWrapper<>();
             filesEntityUpdateWrapper.eq("quote_id", id);
             filesEntityUpdateWrapper.eq("quote_type", 1);
             filesEntityUpdateWrapper.set("is_del", 1);
             sysFilesService.update(filesEntityUpdateWrapper);
-        }
+            //1 创建list集合，用于封装所有删除菜单id值
+            List<Integer> idList = new ArrayList<>();
+            //2 向idList集合设置删除菜单id
+            //找到当前菜单的子菜单  把结果id封装到idlist里面去
+            this.selectCategoryChildById(id + "", idList);
+            //把当前id封装到list里面 //现在把当前id封装进去  之前都是子菜单的id
+            idList.add(id);
 
-        boolean delState = service.removeByIds(ids);
+            //删除当前栏目以及栏目下的文章
             QueryWrapper<SysContent> queryWrapper = new QueryWrapper<>();
-        queryWrapper.in("column_id", ids);
+            queryWrapper.in("column_id", idList);
             //删除栏目后删除栏目下的文章
             contentService.remove(queryWrapper);
-        return delState ? R.success() : R.fail("删除失败");
+
+
+            //删除长页栏目
+            QueryWrapper<SysColumnLongPage> queryWrapper1 = new QueryWrapper<SysColumnLongPage>();
+            queryWrapper1.in("column_id", idList);
+            //删除栏目后删除栏目下的文章
+            sysColumnLongPageService.remove(queryWrapper1);
+            ret = service.removeByIds(idList);
+            for (Integer columnId : idList) {
+                service.removeArticles(columnId);
+            }
+        }
+
+
+        return R.success();
     }
 
     @PostMapping("/sameLevelJudgment")
+    @Decrypt
     @ApiOperation(value = "同级判重", response = ColumnWeightReqVO.class)
-    public R sameLevelJudgment(@RequestBody @Valid ColumnWeightReqVO sysColumn) {
+    public R sameLevelJudgment(@RequestBody @Valid ColumnWeightReqVO sysColumn) throws UnsupportedEncodingException {
+        if (!StringUtils.isEmpty(sysColumn.getColumnName())) {
+            //中文转码
+            String name = URLDecoder.decode(sysColumn.getColumnName(), StandardCharsets.UTF_8.toString());
+            sysColumn.setColumnName(name);
+        }
         return service.sameLevelJudgment(sysColumn) ? R.success() : R.fail("同级下已存在重复栏目!");
     }
 
     @PostMapping("/sortByColumn")
     @ApiOperation(value = "栏目排序(依据id更改)", response = SysColumn.class)
+    @RequiresPermissions("sys:column:sort")
     public R sortByColumn(@RequestBody List<SortColumnRespVO> sortColumnRespVOList) {
         for (SortColumnRespVO sort : sortColumnRespVOList) {
+
+            SysColumn column = service.getById(sort.getId());
+
+            QueryWrapper<SysColumn> queryWrapper = new QueryWrapper<>();
+            queryWrapper.eq("column_name", column.getColumnName());
+            queryWrapper.eq("site_id", column.getSiteId());
+            queryWrapper.eq("father_id", sort.getFatherId());
+            queryWrapper.last(" and id <> " + sort.getId());
+            List<SysColumn> columnList = service.list(queryWrapper);
+            if (columnList.size() > 0) {
+                return R.fail("同级下已存在重复栏目:" + column.getColumnName());
+            }
+
             SysColumn sysColumn = new SysColumn();
             BeanUtils.copyProperties(sort, sysColumn);
             service.updateById(sysColumn);
@@ -162,22 +236,25 @@ public class SysColumnController {
 
     @ApiOperation("获取一级下的子级栏目")
     @PostMapping("/getsTheSubColumn")
-    public R getsTheSubColumn(Integer id) {
+    public R getsTheSubColumn(@ApiParam(name = "id", value = "id", required = true) @RequestParam Integer id,
+                              @ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId) {
         String ids = this.getIds(id);
-        return service.getsTheSubColumn(id, ids);
+        return service.getsTheSubColumn(id, ids,siteId);
 
     }
 
 
     @ApiOperation("获取某层级下的子级栏目")
+    @Decrypt
     @PostMapping("/getsSublevelColumnsUnderALevel")
-    public R getsSublevelColumnsUnderALevel(Integer id) {
+    public R getsSublevelColumnsUnderALevel(
-        String ids = this.getIds(id);
+            @RequestBody SubLevelColumnsUnderALevel subLevelColumnsUnderALevel) {
-        return service.getsTheSubColumn(id, ids);
+        String ids = this.getIds(subLevelColumnsUnderALevel.getId());
+        return service.getsTheSubColumn(subLevelColumnsUnderALevel.getId(), ids,subLevelColumnsUnderALevel.getSiteId());
 
     }
 
-
+//    @Cacheable(value = "articles", key = "#id")
     public String getIds(Integer id) {
         //1 创建list集合，用于封装所有删除菜单id值
         List<Integer> idList = new ArrayList<>();
@@ -198,10 +275,13 @@ public class SysColumnController {
         QueryWrapper<SysColumn> wrapper = new QueryWrapper<SysColumn>();
         wrapper.eq("father_id", id);
         wrapper.eq("deleted", Constant.DATA_NOT_DELETED);
-        wrapper.select("id");//我们只想查询id  所以只需要查询指定列的值
+        //查询指定列的值
-        List<SysColumn> childIdList = service.list(wrapper);//当前菜单的所有子菜单
+        wrapper.select("id");
+        //当前菜单的所有子菜单
+        List<SysColumn> childIdList = service.list(wrapper);
         //把childIdList里面菜单id值获取出来，封装idList里面，做递归查询
-        childIdList.stream().forEach(item -> {//遍历集合得到每一个对象item
+        //遍历集合得到每一个对象item
+        childIdList.stream().forEach(item -> {
             //封装idList里面
             idList.add(item.getId());
             //递归查询
@@ -211,8 +291,11 @@ public class SysColumnController {
 
 
     @ApiOperation("获取一级下的子级栏目以及下的全部文章标签")
+    @Decrypt
     @PostMapping("/getTheFullArticleByColumn")
-    public R getTheFullArticleByColumn(@ApiParam(name = "id", value = "一级栏目id", required = true) @RequestParam Integer id) {
+    public R getTheFullArticleByColumn(
+            @ApiParam(name = "id", value = "一级栏目id", required = true)
+            @RequestBody Integer id) {
         String ids = this.getIds(id);
         return contentService.getTheFullArticleByColumn(ids);
     }
@@ -232,27 +315,74 @@ public class SysColumnController {
     }
 
     @ApiOperation("某一级查全部")
+    @Decrypt
     @PostMapping("/oneLevelChecksThemAll")
-    public R oneLevelChecksThemAll(@ApiParam(name = "id", value = "栏目id", required = true) @RequestParam Integer id,
+    public R oneLevelChecksThemAll(
-                                   @ApiParam(name = "isSort", value = "判断是否为排序接口调用(1为排序接口调用 0我栏目管理列表调用)", required = true) @RequestParam Integer isSort) {
+            @RequestBody OneLevelChecksThemAll oneLevelChecksThemAll) {
-
+        Integer pid = service.oneLevelChecksThemAll(oneLevelChecksThemAll.getId());
-        Integer pid = service.oneLevelChecksThemAll(id);
         String ids = this.getIds(pid);
-        return service.getSubColumn(pid, ids,isSort);
+        return service.getSubColumn(pid, ids, oneLevelChecksThemAll.getIsSort(),oneLevelChecksThemAll.getSiteId());
     }
 
 
     /**
      * 查询栏目下的文章(若选中栏目与子级全部栏目类型一致返回全部文章，反之查询选中栏目下的文章)
+     * 2023.02.22依需求更改为以发布时间排序(非创建时间)
+     *
      * @param columnId
      * @return
      */
     @ApiOperation("查询栏目下的文章(若选中栏目与子级全部栏目类型一致返回全部文章，反之查询选中栏目下的文章)")
+    @Decrypt
     @PostMapping("/queryArticlesByColumnType")
-    public R queryArticlesByColumnType(@ApiParam(name = "columnId", value = "栏目id", required = true) @RequestParam Integer columnId) {
+    public R queryArticlesByColumnType(
+            @ApiParam(name = "columnId", value = "栏目id", required = true)
+            @RequestBody Integer columnId) {
         String ids = this.getIds(columnId);
         return service.queryArticlesByColumnType(ids, columnId);
     }
 
+
+    @NoRepeatSubmit
+    @PostMapping("/deleteUselessData")
+    @ApiOperation(value = "删除无用数据", response = SysColumn.class)
+    public R deleteUselessData() {
+
+        QueryWrapper<SysColumn> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("deleted", 0).select("id");
+        List<SysColumn> list = service.list(queryWrapper);
+
+        for (SysColumn column : list) {
+            UpdateWrapper<SysFilesEntity> filesEntityUpdateWrapper = new UpdateWrapper<>();
+            filesEntityUpdateWrapper.eq("quote_id", column.getId());
+            filesEntityUpdateWrapper.eq("quote_type", 1);
+            filesEntityUpdateWrapper.set("is_del", 1);
+            sysFilesService.update(filesEntityUpdateWrapper);
+            //1 创建list集合，用于封装所有删除菜单id值
+            List<Integer> idList = new ArrayList<>();
+            //2 向idList集合设置删除菜单id
+            //找到当前菜单的子菜单  把结果id封装到idlist里面去
+            this.selectCategoryChildById(column.getId() + "", idList);
+            //把当前id封装到list里面 //现在把当前id封装进去  之前都是子菜单的id
+            idList.add(column.getId());
+
+            //删除当前栏目以及栏目下的文章
+            QueryWrapper<SysContent> queryWrapper1 = new QueryWrapper<>();
+            queryWrapper1.in("column_id", idList);
+            //删除栏目后删除栏目下的文章
+            contentService.remove(queryWrapper1);
+
+
+            //删除长页栏目
+            QueryWrapper<SysColumnLongPage> queryWrapper2 = new QueryWrapper<SysColumnLongPage>();
+            queryWrapper2.in("column_id", idList);
+            //删除栏目后删除栏目下的文章
+            sysColumnLongPageService.remove(queryWrapper2);
+            service.removeByIds(idList);
+        }
+
+
+        return R.success();
+    }
 }
 

src/main/java/com/huoran/iasf/controller/SysColumnLongPageController.java

@@ -2,6 +2,9 @@ package com.huoran.iasf.controller;
 
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.Constant;
 import com.huoran.iasf.entity.SysColumn;
 import com.huoran.iasf.service.SysColumnService;
@@ -51,13 +54,19 @@ public class SysColumnLongPageController {
     @ApiOperation(value = "查询详情", response = SysColumnLongPage.class)
     public R findById(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
         SysColumnLongPage sysColumnLongPage = service.getById(id);
+        if (sysColumnLongPage == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
         return R.success(sysColumnLongPage);
     }
 
 
     @PostMapping("/getLongPageInformation")
+    @Decrypt
     @ApiOperation(value = "根据栏目id查询类型长页栏目信息", response = SysColumnLongPage.class)
-    public R getLongPageInformation(@ApiParam(name = "columnId", value = "栏目id", required = true) @RequestParam Integer columnId) {
+    public R getLongPageInformation(
+            @ApiParam(name = "columnId", value = "栏目id", required = true)
+            @RequestBody Integer columnId) {
         QueryWrapper<SysColumnLongPage> queryWrapper = new QueryWrapper<>();
         queryWrapper.eq("column_id", columnId);
         List<SysColumnLongPage> longPageList = service.list(queryWrapper);
@@ -120,8 +129,11 @@ public class SysColumnLongPageController {
 
 
     @PostMapping("/getRedisCache")
+    @Decrypt
     @ApiOperation(value = "获取Redis缓存")
-    public R getRedisCache(@ApiParam(name = "columnId", value = "栏目id主键", required = true) @RequestParam Integer columnId) {
+    public R getRedisCache(
+            @ApiParam(name = "columnId", value = "栏目id主键", required = true)
+            @RequestBody Integer columnId) {
         //保存的key名
         String key = "saveTheCache:columnId:" + columnId;
         //查看缓存是否有数据

src/main/java/com/huoran/iasf/controller/SysContentClassificationController.java

@@ -1,9 +1,14 @@
 package com.huoran.iasf.controller;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysContentClassification;
 import com.huoran.iasf.service.SysContentClassificationService;
+import com.huoran.iasf.vo.req.AllTheQuery;
+import com.huoran.iasf.vo.req.CheckForHeavy;
 import io.swagger.annotations.*;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -19,6 +24,9 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 
 
@@ -37,11 +45,12 @@ public class SysContentClassificationController {
 
 
     @PostMapping("/allTheQuery")
+    @Decrypt
     @ApiOperation(value = "查询全部文章所属分类", response = SysContentClassification.class)
-    public R allTheQuery(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId,
+    public R allTheQuery(
-                         @ApiParam(name = "templateId", value = "模板id", required = true) @RequestParam Integer templateId) {
+            @RequestBody AllTheQuery allTheQuery) {
         List<SysContentClassification> list = service.list(new QueryWrapper<SysContentClassification>()
-                .eq("site_id", siteId).eq("template_id",templateId));
+                .eq("site_id", allTheQuery.getSiteId()).eq("template_id",allTheQuery.getTemplateId()));
         return R.success(list);
     }
 
@@ -50,22 +59,26 @@ public class SysContentClassificationController {
     @ApiOperation(value = "查询详情", response = SysContentClassification.class)
     public R findById(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
         SysContentClassification sysContentClassification = service.getById(id);
+        if (sysContentClassification == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
         return R.success(sysContentClassification);
     }
 
 
     @PostMapping("/checkForHeavy")
+    @Decrypt
     @ApiOperation(value = "分类校验判重", response = SysContentClassification.class)
-    public R checkForHeavy(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId,
+    public R checkForHeavy(
-                           @ApiParam(name = "classificationName", value = "分类名称", required = true) @RequestParam String classificationName,
+            @RequestBody CheckForHeavy checkForHeavy) throws UnsupportedEncodingException {
-                           @ApiParam(name = "classificationId", value = "分类id(新增不传，编辑传)", required = false) @RequestParam Integer classificationId) {
+        String name = URLDecoder.decode(checkForHeavy.getClassificationName(), StandardCharsets.UTF_8.toString());
-
+        checkForHeavy.setClassificationName(name);
-        QueryWrapper<SysContentClassification> queryWrapper = new QueryWrapper<SysContentClassification>().eq("site_id", siteId).
+        QueryWrapper<SysContentClassification> queryWrapper = new QueryWrapper<SysContentClassification>().eq("site_id", checkForHeavy.getSiteId()).
-                eq("classification_name", classificationName);
+                eq("classification_name", checkForHeavy.getClassificationName());
 
         //id不得空表示编辑校验
-        if (classificationId != null) {
+        if (checkForHeavy.getClassificationId() != null) {
-            queryWrapper.last(" and id != " + classificationId);
+            queryWrapper.last(" and id != " + checkForHeavy.getClassificationId());
         }
         SysContentClassification sysContentClassification = service.getOne(queryWrapper);
         if (sysContentClassification != null) {
@@ -77,31 +90,40 @@ public class SysContentClassificationController {
 
 
     @PostMapping("/save")
+    @Decrypt
     @ApiOperation(value = "新增", response = SysContentClassification.class)
-    public R save(@RequestBody @Valid @ApiParam(name = "文章所属分类对象", value = "传入json格式", required = true) SysContentClassification sysContentClassification) {
+    public R save(@RequestBody @Valid @ApiParam(name = "文章所属分类对象", value = "传入json格式", required = true) SysContentClassification sysContentClassification) throws UnsupportedEncodingException {
+        String name = URLDecoder.decode(sysContentClassification.getClassificationName(), StandardCharsets.UTF_8.toString());
+        sysContentClassification.setClassificationName(name);
+
         boolean addState = service.save(sysContentClassification);
         return addState ? R.success() : R.fail("新增失败");
     }
 
 
     @PostMapping("/update")
+    @Decrypt
     @ApiOperation(value = "修改", response = SysContentClassification.class)
-    public R update(@RequestBody @ApiParam(name = "文章所属分类对象", value = "传入json格式", required = true) SysContentClassification sysContentClassification) {
+    public R update(@RequestBody @ApiParam(name = "文章所属分类对象", value = "传入json格式", required = true) SysContentClassification sysContentClassification) throws UnsupportedEncodingException {
+        String name = URLDecoder.decode(sysContentClassification.getClassificationName(), StandardCharsets.UTF_8.toString());
+        sysContentClassification.setClassificationName(name);
         boolean updateState = service.updateById(sysContentClassification);
         return updateState ? R.success() : R.fail("编辑失败");
     }
 
 
     @PostMapping("/delete")
+    @Decrypt
     @ApiOperation(value = "删除", response = SysContentClassification.class)
-    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
+    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestBody Integer id) {
         boolean delState = service.removeById(id);
         return delState ? R.success() : R.fail("删除失败");
     }
 
     @PostMapping("/batchDeletion")
+    @Decrypt
     @ApiOperation(value = "批量删除", response = SysContentClassification.class)
-    public R batchDeletion(@ApiParam(name = "id", value = "主键", required = true) @RequestParam List<Integer> ids) {
+    public R batchDeletion(@ApiParam(name = "id", value = "主键", required = true) @RequestBody List<Integer> ids) {
         boolean delState = service.removeByIds(ids);
         return delState ? R.success() : R.fail("删除失败");
         //

src/main/java/com/huoran/iasf/controller/SysContentController.java

@@ -3,20 +3,25 @@ package com.huoran.iasf.controller;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.baomidou.mybatisplus.extension.toolkit.SqlHelper;
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.entity.SysColumn;
 import com.huoran.iasf.entity.SysContentFile;
 import com.huoran.iasf.entity.SysFilesEntity;
 import com.huoran.iasf.service.SysColumnService;
 import com.huoran.iasf.service.SysContentFileService;
 import com.huoran.iasf.service.SysFilesService;
-import com.huoran.iasf.vo.req.ContentHeavyTitleReqVO;
+import com.huoran.iasf.vo.req.*;
-import com.huoran.iasf.vo.req.ContentReq;
-import com.huoran.iasf.vo.req.PageContentReqVO;
 import com.huoran.iasf.vo.resp.PageContentRespVO;
 import io.swagger.annotations.*;
 import com.huoran.iasf.common.utils.R;
+import org.apache.commons.lang.StringUtils;
 import org.apache.ibatis.annotations.Update;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.web.bind.annotation.*;
@@ -30,7 +35,12 @@ import com.huoran.iasf.service.SysContentService;
 import com.huoran.iasf.entity.SysContent;
 
 import javax.validation.Valid;
-import java.util.List;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
+import java.util.*;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 
 /**
@@ -55,62 +65,122 @@ public class SysContentController {
     public SysFilesService sysFilesService;
 
 
-
     @PostMapping("/pagingQuery")
+    @Decrypt
     @ApiOperation(value = "分页查询文章列表", response = PageContentRespVO.class)
-    public R pagingQuery(@RequestBody @Valid @ApiParam(name = "分页查询参数", value = "传入json格式", required = true) PageContentReqVO sysContent) {
+    public R pagingQuery(@RequestBody @Valid @ApiParam(name = "分页查询参数", value = "传入json格式", required = true) PageContentReqVO sysContent) throws UnsupportedEncodingException {
+        if (!StringUtils.isEmpty(sysContent.getTitle())) {
+            //中文转码
+            String title = URLDecoder.decode(sysContent.getTitle(), StandardCharsets.UTF_8.toString());
+            sysContent.setTitle(title);
+
+        }
+        if (!StringUtils.isEmpty(sysContent.getFounder())) {
+            //中文转码
+            String founder = URLDecoder.decode(sysContent.getFounder(), StandardCharsets.UTF_8.toString());
+            sysContent.setFounder(founder);
+
+        }
+        if (!StringUtils.isEmpty(sysContent.getColumn())) {
+            //中文转码
+            String column = URLDecoder.decode(sysContent.getColumn(), StandardCharsets.UTF_8.toString());
+            sysContent.setColumn(column);
+
+        }
+        if (!StringUtils.isEmpty(sysContent.getEditor())) {
+            //中文转码
+            String editor = URLDecoder.decode(sysContent.getEditor(), StandardCharsets.UTF_8.toString());
+            sysContent.setEditor(editor);
+
+        }
         return service.articlePaginationList(sysContent);
     }
 
 
     @PostMapping("/findById")
+    @Decrypt
     @ApiOperation(value = "查询详情", response = SysContent.class)
-    public R findById(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
+    public R findById(@ApiParam(name = "id", value = "主键", required = true) @RequestBody Integer id) {
+
+
         SysContent sysContent = service.getById(id);
+        if (sysContent == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
 
         SysColumn sysColumn = columnService.getById(sysContent.getColumnId());
+        if (sysColumn == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
+        /*if (sysColumn == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }*/
         if (sysColumn.getColumnName() != null) {
             sysContent.setColumnName(sysColumn.getColumnName());
         }
         List<SysContentFile> fileList = fileService.getFileByContentId(id);
         sysContent.setFileList(fileList);
 
+
         return R.success(sysContent);
     }
 
     @PostMapping("/save")
+    @RequiresPermissions("sys:article:save")
     @ApiOperation(value = "新增", response = SysContent.class)
-    public R save(@RequestBody @Valid @ApiParam(name = "文章管理对象", value = "传入json格式", required = true) SysContent sysContent) {
+    public R save(
+            @ApiParam(name = "文章管理对象", value = "传入json格式", required = true)
+            @RequestBody @Valid SysContent sysContent) {
+
+      /*  QueryWrapper<SysContent> queryWrap = new QueryWrapper<>();
+        queryWrap.eq("column_id", sysContent.getColumnId());
+        queryWrap.eq("deleted", 1);
+        Integer count = service.count(queryWrap);
+        if (count == 0) {
+            count = 1;
+        }
+        sysContent.setSequence(count + 1);*/
         boolean addState = service.save(sysContent);
+        columnService.removeArticles(sysContent.getColumnId());
+
         return addState ? R.success(sysContent.getId()) : R.fail("新增失败");
     }
 
 
     @PostMapping("/update")
+    @RequiresPermissions("sys:article:update")
     @ApiOperation(value = "修改", response = SysContent.class)
     public R update(@RequestBody @ApiParam(name = "文章管理对象", value = "传入json格式", required = true) SysContent sysContent) {
         boolean updateState = service.updateById(sysContent);
+        columnService.removeArticles(sysContent.getColumnId());
         return updateState ? R.success() : R.fail("编辑失败");
     }
 
 
     @PostMapping("/delete")
+    @Decrypt
+    @RequiresPermissions("sys:article:delete")
     @ApiOperation(value = "删除", response = SysContent.class)
-    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
+    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestBody Integer id) {
         UpdateWrapper<SysFilesEntity> queryWrapper = new UpdateWrapper<>();
         queryWrapper.eq("quote_id", id);
         queryWrapper.eq("quote_type", 0);
         queryWrapper.set("is_del", 1);
         sysFilesService.update(queryWrapper);
+        SysContent sysContent = service.getById(id);
+        columnService.removeArticles(sysContent.getColumnId());
         boolean delState = service.removeById(id);
         return delState ? R.success() : R.fail("删除失败");
     }
 
 
     @PostMapping("/batchDeletion")
+    @Decrypt
     @ApiOperation(value = "批量删除文章", response = SysContent.class)
-    public R batchDeletion(@ApiParam(name = "ids", value = "主键", required = true) @RequestParam List<Integer> ids) {
+    public R batchDeletion(@ApiParam(name = "ids", value = "主键", required = true) @RequestBody List<Integer> ids) {
         for (Integer id : ids) {
+            SysContent sysContent = service.getById(id);
+            columnService.removeArticles(sysContent.getColumnId());
             UpdateWrapper<SysFilesEntity> queryWrapper = new UpdateWrapper<>();
             queryWrapper.eq("quote_id", id);
             queryWrapper.eq("quote_type", 0);
@@ -122,24 +192,48 @@ public class SysContentController {
     }
 
     @PostMapping("/checkIfTheTitleIsRepeat")
+//    @Decrypt
     @ApiOperation(value = "标题判重——只对已发布的判重(新增，编辑，点击发布时候都要调用判断))", response = ContentHeavyTitleReqVO.class)
-    public R checkIfTheTitleIsRepeat(@RequestBody @Valid ContentHeavyTitleReqVO content) {
+    public R checkIfTheTitleIsRepeat(@RequestBody @Valid ContentHeavyTitleReqVO content) throws UnsupportedEncodingException {
+//        if (!org.springframework.util.StringUtils.isEmpty(content.getTitle())) {
+//            //中文转码
+//            String name = URLDecoder.decode(content.getTitle(), StandardCharsets.UTF_8.toString());
+//            content.setTitle(name);
+//        }
         return service.checkIfTheTitleIsRepeat(content) ? R.success() : R.fail("该标题已重复!");
     }
 
     @PostMapping("/newlyPublishedArticles")
+    @Decrypt
     @ApiOperation(value = "站点最新发布的文章", response = PageContentReqVO.class)
-    public R newlyPublishedArticles(@RequestBody @Valid PageContentReqVO content) {
+    public R newlyPublishedArticles(@Valid @RequestBody PageContentReqVO content) throws UnsupportedEncodingException {
+        //中文转码
+        if (!StringUtils.isEmpty(content.getTitle())) {
+            String title = URLDecoder.decode(content.getTitle(), StandardCharsets.UTF_8.toString());
+            content.setTitle(title);
+        }
+        if (!StringUtils.isEmpty(content.getPatentQueryKeyWord())) {
+            String title = URLDecoder.decode(content.getPatentQueryKeyWord(), StandardCharsets.UTF_8.toString());
+            content.setPatentQueryKeyWord(title);
+        }
+        if (!StringUtils.isEmpty(content.getMonographQueryKeyWord())) {
+            String title = URLDecoder.decode(content.getMonographQueryKeyWord(), StandardCharsets.UTF_8.toString());
+            content.setMonographQueryKeyWord(title);
+        }
+        if (!StringUtils.isEmpty(content.getPaperQueryKeyWord())) {
+            String title = URLDecoder.decode(content.getPaperQueryKeyWord(), StandardCharsets.UTF_8.toString());
+            content.setPaperQueryKeyWord(title);
+        }
         return service.newlyPublishedArticles(content);
     }
 
 
     /*查询已发布的、启用了的文章列表接口*/
-    @PostMapping("/publishedEnabledArticles")
+/*    @PostMapping("/publishedEnabledArticles")
     @ApiOperation(value = "查询已发布的、启用了的文章列表", response = PageContentReqVO.class)
     public R publishedEnabledArticles() {
         return service.publishedEnabledArticles();
-    }
+    }*/
 
 
     /**
@@ -160,26 +254,35 @@ public class SysContentController {
 
 
     @PostMapping("/articleEnableOrDisable")
+    @Decrypt
+    @RequiresPermissions("sys:article:enable")
     @ApiOperation(value = "文章启用禁用", response = SysContent.class)
-    public R articleEnableOrDisable(@ApiParam(name = "id", value = "文章id", required = true) @RequestParam Integer id, @ApiParam(name = "isDisable", value = "是否禁用(0默认，0启用 1禁用)", required = true) @RequestParam Integer isDisable) {
+    public R articleEnableOrDisable(
+            @RequestBody ArticleEnableOrDisable articleEnableOrDisable) {
         UpdateWrapper<SysContent> updateWrapper = new UpdateWrapper<>();
-        updateWrapper.set("is_disable", isDisable);
+        updateWrapper.set("is_disable", articleEnableOrDisable.getIsDisable());
-        updateWrapper.eq("id", id);
+        updateWrapper.eq("id", articleEnableOrDisable.getId());
         boolean ret = service.update(updateWrapper);
         return ret ? R.success() : R.fail("禁用/启用失败");
     }
 
     @PostMapping("/articlePreview")
+    @Decrypt
     @ApiOperation(value = "增加文章浏览量(点击一次算一次)", response = SysContent.class)
-    public R articlePreview(@ApiParam(name = "contentId", value = "文章id", required = true) @RequestParam Integer contentId) {
+    public R articlePreview(
+            @ApiParam(name = "contentId", value = "文章id", required = true)
+            @RequestBody Integer contentId) {
         return R.success(service.statisticsOfPageViews(contentId));
 
     }
 
 
     @PostMapping("/hotContent")
+    @Decrypt
     @ApiOperation(value = "热点内容", response = SysContent.class)
-    public R hotContent(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId) {
+    public R hotContent(
+            @ApiParam(name = "siteId", value = "站点id", required = true)
+            @RequestBody Integer siteId) {
         return R.success(service.hotContent(siteId));
 
     }
@@ -190,5 +293,44 @@ public class SysContentController {
         return service.siteSearchArticles(req);
 
     }
+
+
+    @PostMapping("/articleTopOperation")
+    @Decrypt
+    @RequiresPermissions("sys:article:top")
+    @ApiOperation(value = "文章置顶/取消置顶", response = SysContent.class)
+    public R articleTopOperation(
+            @RequestBody ArticleTopOperation articleTopOperation) {
+        //是否置顶(默认为0 不置顶 1为置顶)
+        UpdateWrapper<SysContent> updateWrap = new UpdateWrapper<>();
+
+//        columnService.removeArticles(columnId);
+
+        if (articleTopOperation.getIsTop() == 1) {
+            //置顶时间(置顶一次更新一次)
+            updateWrap.set("top_time", new Date());
+        } else {
+            updateWrap.set("top_time", null);
+        }
+        updateWrap.set("is_top", articleTopOperation.getIsTop());
+        updateWrap.eq("id", articleTopOperation.getArticleId());
+        updateWrap.eq("deleted", 1);
+        boolean ret = service.update(updateWrap);
+        return ret ? R.success() : R.fail("操作失败");
+
+    }
+
+
+    @PostMapping("/queryArticleColumnParent")
+    @Decrypt
+    @ApiOperation(value = "查询文章的栏目父级", response = PageContentReqVO.class)
+    public R queryArticleColumnParent(
+            @ApiParam(name = "articleId", value = "文章id", required = true)
+            @RequestBody Integer articleId) {
+        return service.queryArticleColumnParent(articleId);
+    }
+
+
+
 }
 

src/main/java/com/huoran/iasf/controller/SysContentFileController.java

@@ -48,7 +48,7 @@ public class SysContentFileController {
         return R.success(sysContentFile);
     }
 
-    @NoRepeatSubmit
+//    @NoRepeatSubmit
     @PostMapping("/save")
     @ApiOperation(value = "新增", response = SysContentFile.class)
     public R save(@RequestBody  @ApiParam(name = "文章附件管理表对象", value = "传入json格式", required = true) SysContentFile sysContentFile) {
@@ -64,7 +64,7 @@ public class SysContentFileController {
         return updateState ? R.success() : R.fail("编辑失败");
     }
 
-    @NoRepeatSubmit
+//    @NoRepeatSubmit
     @PostMapping("/delete")
     @ApiOperation(value = "删除", response = SysContentFile.class)
     public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {

src/main/java/com/huoran/iasf/controller/SysContentLabelController.java

@@ -1,10 +1,14 @@
 package com.huoran.iasf.controller;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.huoran.iasf.common.annotation.Decrypt;
+import com.huoran.iasf.common.exception.NotFoundException;
+import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysContentClassification;
 import com.huoran.iasf.entity.SysContentLabel;
 import com.huoran.iasf.service.SysContentLabelService;
+import com.huoran.iasf.vo.req.LabelCheckForHeavy;
 import io.swagger.annotations.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.apache.commons.lang.StringUtils;
@@ -17,6 +21,9 @@ import org.springframework.web.bind.annotation.RequestParam;
 import io.swagger.annotations.ApiOperation;
 
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 
 
@@ -35,8 +42,11 @@ public class SysContentLabelController {
 
 
     @PostMapping("/queryAllArticleSubjectTags")
+    @Decrypt
     @ApiOperation(value = "查询全部文章主题标签", response = SysContentLabel.class)
-    public R queryAllArticleSubjectTags(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId) {
+    public R queryAllArticleSubjectTags(
+            @ApiParam(name = "siteId", value = "站点id", required = true)
+            @RequestBody Integer siteId) {
         List<SysContentLabel> list = service.list(new QueryWrapper<SysContentLabel>().eq("site_id", siteId));
         return R.success(list);
     }
@@ -46,29 +56,37 @@ public class SysContentLabelController {
     @ApiOperation(value = "查询详情", response = SysContentLabel.class)
     public R findById(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
         SysContentLabel sysContentLabel = service.getById(id);
+        if (sysContentLabel == null) {
+            throw new NotFoundException(BaseResponseCode.DATA_DOES_NOT_EXIST);
+        }
         return R.success(sysContentLabel);
     }
 
 
     @PostMapping("/save")
+    @Decrypt
     @ApiOperation(value = "新增", response = SysContentLabel.class)
-    public R save(@RequestBody @Valid @ApiParam(name = "文章主题标签对象", value = "传入json格式", required = true) SysContentLabel sysContentLabel) {
+    public R save(@RequestBody @Valid @ApiParam(name = "文章主题标签对象", value = "传入json格式", required = true) SysContentLabel sysContentLabel) throws UnsupportedEncodingException {
+        String name = URLDecoder.decode(sysContentLabel.getLabelName(), StandardCharsets.UTF_8.toString());
+        sysContentLabel.setLabelName(name);
         boolean addState = service.save(sysContentLabel);
         return addState ? R.success() : R.fail("新增失败");
     }
 
 
     @PostMapping("/checkForHeavy")
+    @Decrypt
     @ApiOperation(value = "标签校验判重", response = SysContentLabel.class)
-    public R checkForHeavy(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId,
+    public R checkForHeavy(
-                           @ApiParam(name = "labelName", value = "标签名称", required = true) @RequestParam String labelName,
+            @RequestBody LabelCheckForHeavy labelCheckForHeavy) throws UnsupportedEncodingException {
-                           @ApiParam(name = "labelId", value = "标签id(新增不传，编辑传)", required = false) @RequestParam Integer labelId) {
+        String name = URLDecoder.decode(labelCheckForHeavy.getLabelName(), StandardCharsets.UTF_8.toString());
-
+        labelCheckForHeavy.setLabelName(name);
-        QueryWrapper<SysContentLabel> queryWrapper = new QueryWrapper<SysContentLabel>().eq("site_id", siteId).eq("label_name", labelName);
+        QueryWrapper<SysContentLabel> queryWrapper = new QueryWrapper<SysContentLabel>().
+                eq("site_id", labelCheckForHeavy.getSiteId()).eq("label_name", labelCheckForHeavy.getLabelName());
 
         //id不得空表示编辑校验
-        if (labelId != null) {
+        if (labelCheckForHeavy.getLabelId() != null) {
-            queryWrapper.last(" and id != " + labelId);
+            queryWrapper.last(" and id != " + labelCheckForHeavy.getLabelId());
         }
         SysContentLabel contentLabel = service.getOne(queryWrapper);
         if (contentLabel != null) {
@@ -80,16 +98,20 @@ public class SysContentLabelController {
 
 
     @PostMapping("/update")
+    @Decrypt
     @ApiOperation(value = "修改", response = SysContentLabel.class)
-    public R update(@RequestBody @ApiParam(name = "文章主题标签对象", value = "传入json格式", required = true) SysContentLabel sysContentLabel) {
+    public R update(@RequestBody @ApiParam(name = "文章主题标签对象", value = "传入json格式", required = true) SysContentLabel sysContentLabel) throws UnsupportedEncodingException {
+        String name = URLDecoder.decode(sysContentLabel.getLabelName(), StandardCharsets.UTF_8.toString());
+        sysContentLabel.setLabelName(name);
         boolean updateState = service.updateById(sysContentLabel);
         return updateState ? R.success() : R.fail("编辑失败");
     }
 
 
     @PostMapping("/delete")
+    @Decrypt
     @ApiOperation(value = "删除", response = SysContentLabel.class)
-    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestParam Integer id) {
+    public R delete(@ApiParam(name = "id", value = "主键", required = true) @RequestBody Integer id) {
         boolean delState = service.removeById(id);
         return delState ? R.success() : R.fail("删除失败");
     }

src/main/java/com/huoran/iasf/controller/SysFilesController.java

@@ -6,9 +6,11 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.config.NonStaticResourceHttpRequestConfig;
 import com.huoran.iasf.common.utils.R;
+import com.huoran.iasf.common.utils.fileUploadUtils;
 import com.huoran.iasf.entity.SysFilesEntity;
 import com.huoran.iasf.entity.SysUser;
 import com.huoran.iasf.service.HttpSessionService;
@@ -19,9 +21,10 @@ import com.huoran.iasf.vo.req.FileParameters;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
+import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.authz.annotation.Logical;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;
@@ -31,11 +34,14 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.List;
+import java.util.regex.Pattern;
 
 
 /**
@@ -69,13 +75,13 @@ public class SysFilesController {
         result.put("imageFieldName", "file");
         return result.toJSONString();
     }
-    @NoRepeatSubmit
+//    @NoRepeatSubmit
     @ApiOperation(value = "新增")
     @PostMapping("/upload")
 //    @RequiresPermissions(value = {"sysFiles:add", "sysContent:update", "sysContent:add"}, logical = Logical.OR)
     public UEditorResultVO add(
             @RequestParam(required = false) String action,
-            @RequestParam(value = "file") MultipartFile file, FileParameters fileParameters) {
+            @RequestParam(value = "file") MultipartFile file, FileParameters fileParameters) throws Exception {
         Integer userId = httpSessionService.getCurrentUserId();
         fileParameters.setUploader(userId.toString());
         //判断文件是否空
@@ -84,9 +90,17 @@ public class SysFilesController {
             uEditorResult.setState("error");
             return uEditorResult;
         }
+
+        String pattern = ".*\\.(mp4|MP3|MP4|jpg|png|gif|doc|xls|xlsx|docx|pdf|mp3)$";
+        boolean hasExtension = Pattern.matches(pattern, file.getOriginalFilename());
+        if (!hasExtension){
+            String[] allowedExtension = new String[]{"jpg", "png", "gif", "doc", "xls", "xlsx", "docx", "pdf", "mov","mp4","MP3"};
+            fileUploadUtils.assertAllowed(file,allowedExtension);
+        }
         return sysFilesService.saveFile(file,fileParameters);
     }
 
+
     @ApiOperation(value = "更新文件信息")
     @PostMapping("/update")
     public R update(@RequestBody FileParameters fileParameters) {
@@ -105,7 +119,7 @@ public class SysFilesController {
     public void preview(@PathVariable String id, HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
         sysFilesService.preview(id, req, res);
     }
-    @NoRepeatSubmit
+//    @NoRepeatSubmit
     @ApiOperation(value = "文件下载")
     @GetMapping("/download/{id}")
     public void download(@PathVariable String id, HttpServletRequest req, HttpServletResponse res) {
@@ -113,7 +127,8 @@ public class SysFilesController {
     }
 
     @ApiOperation(value = "删除")
-    @DeleteMapping("/delete")
+    @PostMapping("/delete")
+    @Decrypt
     @RequiresPermissions("sysFiles:delete")
     public R delete(@RequestBody @ApiParam(value = "id集合") List<String> ids) {
         sysFilesService.removeByIdsAndFiles(ids);
@@ -123,8 +138,30 @@ public class SysFilesController {
     @ApiOperation(value = "查询分页数据",response = SysFilesEntity.class)
     @PostMapping("/listByPage")
     @RequiresPermissions("sysFiles:list")
-    public R findListByPage(@RequestBody SysFilesEntity sysFiles) {
+    public R findListByPage(@RequestBody SysFilesEntity sysFiles) throws UnsupportedEncodingException {
-        LambdaQueryWrapper<SysFilesEntity> queryWrapper = Wrappers.lambdaQuery();
+        if (!StringUtils.isEmpty(sysFiles.getQuote())) {
+            //中文转码
+            String title = URLDecoder.decode(sysFiles.getQuote(), StandardCharsets.UTF_8.toString());
+            sysFiles.setQuote(title);
+        }
+        if (!StringUtils.isEmpty(sysFiles.getFileName())) {
+            //中文转码
+            String title = URLDecoder.decode(sysFiles.getFileName(), StandardCharsets.UTF_8.toString());
+            sysFiles.setFileName(title);
+        }
+        if (!StringUtils.isEmpty(sysFiles.getUploader())) {
+            //中文转码
+            String title = URLDecoder.decode(sysFiles.getUploader(), StandardCharsets.UTF_8.toString());
+            sysFiles.setUploader(title);
+        }
+        if (!StringUtils.isEmpty(sysFiles.getType())) {
+            //中文转码
+            String title = URLDecoder.decode(sysFiles.getType(), StandardCharsets.UTF_8.toString());
+            sysFiles.setType(title);
+        }
+        return sysFilesService.getPage(sysFiles);
+
+        /*LambdaQueryWrapper<SysFilesEntity> queryWrapper = Wrappers.lambdaQuery();
         if (!StringUtils.isEmpty(sysFiles.getFileName())) {
             queryWrapper.like(SysFilesEntity::getFileName, sysFiles.getFileName());
         }
@@ -155,7 +192,7 @@ public class SysFilesController {
                 }
             }
         });
-        return R.success(iPage);
+        return R.success(iPage);*/
     }
 
 }

src/main/java/com/huoran/iasf/controller/SysNavigationStyleController.java

@@ -1,6 +1,7 @@
 package com.huoran.iasf.controller;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.huoran.iasf.common.annotation.Decrypt;
 import io.swagger.annotations.*;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.huoran.iasf.common.utils.R;
@@ -36,8 +37,9 @@ public class SysNavigationStyleController {
 
 
     @PostMapping("/searchAllBySite")
+    @Decrypt
     @ApiOperation(value = "按站点搜索所有", response = SysNavigationStyle.class)
-    public R listByEntity(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestParam Integer siteId) {
+    public R listByEntity(@ApiParam(name = "siteId", value = "站点id", required = true) @RequestBody Integer siteId) {
         QueryWrapper<SysNavigationStyle> queryWrapper = new QueryWrapper<>();
         queryWrapper.eq("site_id", siteId);
         List<SysNavigationStyle> pageList = service.list(queryWrapper);

src/main/java/com/huoran/iasf/controller/UserController.java

@@ -1,11 +1,16 @@
 package com.huoran.iasf.controller;
 
+
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.LogAnnotation;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.utils.R;
+import com.huoran.iasf.common.utils.fileUploadUtils;
 import com.huoran.iasf.entity.SysUser;
+import com.huoran.iasf.entity.UserDept;
+import com.huoran.iasf.mapper.UserDeptMapper;
 import com.huoran.iasf.service.HttpSessionService;
 import com.huoran.iasf.service.UserService;
 import com.huoran.iasf.vo.CheckVo;
@@ -29,8 +34,12 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 import java.util.Map;
+import java.util.regex.Pattern;
 
 /**
  * 用户管理
@@ -47,10 +56,14 @@ public class UserController {
     @Resource
     private UserService userService;
 
+    @Resource
+    private UserDeptMapper userDeptMapper;
+
     @Resource
     private HttpSessionService httpSessionService;
 
     @PostMapping(value = "/user/login")
+    @Decrypt
     @ApiOperation(value = "用户登录接口")
     public R login(@RequestBody @Valid SysUser vo) {
         return R.success(userService.login(vo));
@@ -63,11 +76,22 @@ public class UserController {
         return R.success();
     }*/
 
-    @PutMapping("/user")
+    @PostMapping("/updateUser")
     @ApiOperation(value = "更新用户信息接口")
     @LogAnnotation(title = "用户管理", action = "更新用户信息")
-//    @RequiresPermissions("sys:user:update")
+    @Decrypt
-    public R updateUserInfo(@RequestBody SysUser vo) {
+    @RequiresPermissions("sys:user:update")
+    public R updateUserInfo(@RequestBody SysUser vo) throws UnsupportedEncodingException {
+        //中文转码
+        if (!StringUtils.isEmpty(vo.getRealName())) {
+            String realName = URLDecoder.decode(vo.getRealName(), StandardCharsets.UTF_8.toString());
+            vo.setRealName(realName);
+        }
+        if (!StringUtils.isEmpty(vo.getUsername())) {
+            String realName = URLDecoder.decode(vo.getUsername(), StandardCharsets.UTF_8.toString());
+            vo.setUsername(realName);
+        }
+
         if (StringUtils.isEmpty(vo.getId())) {
             return R.fail("id不能为空");
         }
@@ -75,28 +99,52 @@ public class UserController {
         return R.success();
     }
 
-    @GetMapping("/user/{id}")
+    @PostMapping("/queryUser")
     @ApiOperation(value = "查询用户详情接口")
+    @Decrypt
     @LogAnnotation(title = "用户管理", action = "查询用户详情")
-//    @RequiresPermissions("sys:user:detail")
+    @RequiresPermissions("sys:user:detail")
-    public R detailInfo(@PathVariable("id") String id) {
+    public R detailInfo(@RequestBody Integer id) {
         UserListResp userResp = userService.detailInfo(id);
         return R.success(userResp);
     }
 
+    @PostMapping("/personalData")
+    @ApiOperation(value = "查询个人资料接口")
+    @LogAnnotation(title = "用户管理", action = "查询个人资料接口")
+    public R personalData() {
+        Integer currentUserId = httpSessionService.getCurrentUserId();
+        UserListResp userResp = userService.detailInfo(currentUserId);
+        return R.success(userResp);
+    }
+
     @PostMapping("/users")
     @ApiOperation(value = "分页获取用户列表接口")
-//    @RequiresPermissions("sys:user:list")
+    @RequiresPermissions("sys:user:list")
+    @Decrypt
     @LogAnnotation(title = "用户管理", action = "分页获取用户列表")
-    public R pageInfo(@RequestBody UserListReq userListReq) {
+    public R pageInfo(@RequestBody UserListReq userListReq) throws UnsupportedEncodingException {
+        //中文转码
+        String key = URLDecoder.decode(userListReq.getKeyWord(), StandardCharsets.UTF_8.toString());
+        userListReq.setKeyWord(key);
         return userService.pageInfo(userListReq);
     }
 
     @PostMapping("/user")
     @ApiOperation(value = "新增用户接口")
-//    @RequiresPermissions("sys:user:add")
+    @RequiresPermissions("sys:user:add")
+    @Decrypt
     @LogAnnotation(title = "用户管理", action = "新增用户")
-    public R addUser(@RequestBody @Valid SysUser vo) {
+    public R addUser(@RequestBody @Valid SysUser vo) throws UnsupportedEncodingException {
+        //中文转码
+        if (!StringUtils.isEmpty(vo.getRealName())) {
+            String realName = URLDecoder.decode(vo.getRealName(), StandardCharsets.UTF_8.toString());
+            vo.setRealName(realName);
+        }
+        if (!StringUtils.isEmpty(vo.getUsername())) {
+            String realName = URLDecoder.decode(vo.getUsername(), StandardCharsets.UTF_8.toString());
+            vo.setUsername(realName);
+        }
         userService.addUser(vo);
         return R.success();
     }
@@ -142,8 +190,14 @@ public class UserController {
     }
     @NoRepeatSubmit
     @ApiOperation(value = "密码重置", notes = "密码重置")
-    @GetMapping("/resetPwd")
+    @Decrypt
-    public R resetPwd(@RequestParam("userId") String userId) {
+    @PostMapping("/resetPwd")
+    @RequiresPermissions("sys:user:resetPwd")
+    public R resetPwd(@RequestBody String userId) {
+//        Integer currentUserId = httpSessionService.getCurrentUserId();
+//        if (!userId.equals(currentUserId.toString())){
+//            return R.fail("只能修改自己的密码");
+//        }
         return userService.resetPwd(userId);
     }
 
@@ -157,34 +211,45 @@ public class UserController {
         return R.success();
     }
     @NoRepeatSubmit
-    @PutMapping("/user/pwd")
+    @Decrypt
+    @PostMapping("/user/pwd")
     @ApiOperation(value = "修改密码接口")
     @LogAnnotation(title = "用户管理", action = "更新密码")
     public R updatePwd(@RequestBody SysUser vo) {
         if (StringUtils.isEmpty(vo.getOldPwd()) || StringUtils.isEmpty(vo.getNewPwd())) {
             return R.fail("旧密码与新密码不能为空");
         }
-        // Integer userId = httpSessionService.getCurrentUserId();
+         Integer userId = httpSessionService.getCurrentUserId();
-        // vo.setId(userId);
+         if (!userId.equals(vo.getId())){
+             return R.fail("只能修改自己的密码");
+         }
+        boolean password = userService.checkPassword(vo.getNewPwd());
+         if (!password){
+             return R.fail("密码长度不小于8位,至少包含数字、大小写字母和特殊字符");
+         }
         userService.updatePwd(vo);
         return R.success();
     }
     @NoRepeatSubmit
-    @DeleteMapping("/user")
+    @PostMapping("/deletedUser")
     @ApiOperation(value = "删除用户接口")
+    @Decrypt
     @LogAnnotation(title = "用户管理", action = "删除用户")
-//    @RequiresPermissions("sys:user:deleted")
+    @RequiresPermissions("sys:user:deleted")
-    public R deletedUser(@RequestBody @ApiParam(value = "用户id集合") List<Integer> userIds) {
+    public R deletedUser(@RequestBody @ApiParam(value = "用户id集合") List<String> userIds) {
         //删除用户， 删除redis的绑定的角色跟权限
         httpSessionService.abortUserByUserIds(userIds);
         LambdaQueryWrapper<SysUser> queryWrapper = Wrappers.lambdaQuery();
         queryWrapper.in(SysUser::getId, userIds);
         userService.remove(queryWrapper);
+        //删除用户部门
+        userDeptMapper.delete(Wrappers.<UserDept>lambdaQuery().in(UserDept::getUserId, userIds));
         return R.success();
     }
 
     @PostMapping("/importStaff")
     @ApiOperation("批量导入员工")
+    @RequiresPermissions("sys:user:import")
     public R importStaff(@RequestParam(name = "file") MultipartFile file, HttpServletRequest request) throws IOException {
         Map<String, String> map = userService.importStaff(file);
         return R.success(map);
@@ -213,8 +278,16 @@ public class UserController {
 
     @ApiOperation(value = "修改用户头像")
     @PostMapping("/updateUserAvatars")
-    public R updateUserAvatars(@RequestParam String userId, MultipartFile file) {
+    public R updateUserAvatars(MultipartFile file) throws Exception {
-        return userService.updateUserAvatars(userId, file);
+
+        String pattern = ".*\\.(jpg|png|gif)$";
+        boolean hasExtension = Pattern.matches(pattern, file.getOriginalFilename());
+        if (!hasExtension){
+            String[] allowedExtension = new String[]{"jpg", "png", "gif"};
+            fileUploadUtils.assertAllowed(file,allowedExtension);
+        }
+        Integer currentUserId = httpSessionService.getCurrentUserId();
+        return userService.updateUserAvatars(currentUserId.toString(), file);
     }
 
 }

src/main/java/com/huoran/iasf/controller/UserGroupController.java

@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.huoran.iasf.common.annotation.Decrypt;
 import com.huoran.iasf.common.aop.annotation.LogAnnotation;
 import com.huoran.iasf.common.aop.annotation.NoRepeatSubmit;
 import com.huoran.iasf.common.utils.R;
@@ -19,6 +20,10 @@ import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 
 /**
@@ -37,43 +42,56 @@ public class UserGroupController {
     @Autowired
     private UserGroupService userGroupService;
     @NoRepeatSubmit
+    @Decrypt
     @PostMapping("/add")
     @ApiOperation(value = "新增用户组")
     @LogAnnotation(title = "用户组管理", action = "新增用户组")
     @RequiresPermissions("sys:userGroup:add")
-    public R addUserGroup(@RequestBody @Valid UserGroup userGroup) {
+    public R addUserGroup(@RequestBody @Valid UserGroup userGroup) throws UnsupportedEncodingException {
+        //中文转码
+        String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString());
+        userGroup.setGroupName(groupName);
+        String description = URLDecoder.decode(userGroup.getDescription(), StandardCharsets.UTF_8.toString());
+        userGroup.setDescription(description);
         UserGroup one = userGroupService.getOne(new QueryWrapper<UserGroup>().
                 eq("group_name", userGroup.getGroupName()));
         if (ObjectUtil.isNotNull(one)){
-            R.fail("用户组已存在");
+            return R.fail("用户组已存在");
         }
         userGroupService.save(userGroup);
         return R.success();
     }
     @NoRepeatSubmit
-    @DeleteMapping("/delete/{id}")
+    @Decrypt
+    @PostMapping("/deleteUserGroup")
     @ApiOperation(value = "删除用户组")
     @LogAnnotation(title = "用户组管理", action = "删除用户组")
     @RequiresPermissions("sys:userGroup:deleted")
-    public R deleted(@PathVariable("id") Integer id) {
+    public R deleted(@RequestBody Integer id) {
         userGroupService.removeById(id);
         return R.success();
     }
 
-    @PutMapping("/update")
+    @PostMapping("/updateUserGroup")
+    @Decrypt
     @ApiOperation(value = "更新用户组信息")
     @LogAnnotation(title = "用户组管理", action = "更新用户组信息")
     @RequiresPermissions("sys:userGroup:update")
-    public R updateUserGroup(@RequestBody UserGroup userGroup) {
+    public R updateUserGroup(@RequestBody UserGroup userGroup) throws UnsupportedEncodingException {
         if (StringUtils.isEmpty(userGroup.getId())) {
             return R.fail("id不能为空");
         }
+        //中文转码
+        String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString());
+        userGroup.setGroupName(groupName);
+        String description = URLDecoder.decode(userGroup.getDescription(), StandardCharsets.UTF_8.toString());
+        userGroup.setDescription(description);
         QueryWrapper<UserGroup> queryWrapper = new QueryWrapper<>();
         queryWrapper.eq("group_name", userGroup.getGroupName());
         queryWrapper.last(" and id  != " + userGroup.getId());
         List<UserGroup> groups = userGroupService.list(queryWrapper);
         if (ObjectUtil.isNotNull(groups) && groups.size()>0){
-            R.fail("用户组已存在");
+            return R.fail("用户组已存在");
         }
         userGroupService.updateById(userGroup);
         return R.success();
@@ -89,10 +107,16 @@ public class UserGroupController {
 
 
     @PostMapping("/list")
+    @Decrypt
     @ApiOperation(value = "用户组列表")
     @LogAnnotation(title = "用户组管理", action = "获取所有用户组机构")
     @RequiresPermissions("sys:userGroup:list")
-    public R getUserGroupAll(@RequestBody UserGroup userGroup) {
+    public R getUserGroupAll(@RequestBody UserGroup userGroup) throws UnsupportedEncodingException {
+        if (!StringUtils.isEmpty(userGroup.getGroupName())) {
+            //中文转码
+            String groupName = URLDecoder.decode(userGroup.getGroupName(), StandardCharsets.UTF_8.toString());
+            userGroup.setGroupName(groupName);
+        }
         LambdaQueryWrapper<UserGroup> queryWrapper = Wrappers.lambdaQuery();
         if (!StringUtils.isEmpty(userGroup.getGroupName())) {
             queryWrapper.like(UserGroup::getGroupName, userGroup.getGroupName());

src/main/java/com/huoran/iasf/entity/Seo.java

@@ -0,0 +1,44 @@
+package com.huoran.iasf.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import java.io.Serializable;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * <p>
+ * 
+ * </p>
+ *
+ * @author cheney
+ * @since 2023-08-24
+ */
+@Data
+  @EqualsAndHashCode(callSuper = false)
+    @TableName("sys_seo")
+@ApiModel(value="Seo对象", description="")
+public class Seo implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+      @ApiModelProperty(value = "主键")
+        @TableId(value = "id", type = IdType.AUTO)
+      private Integer id;
+
+      @ApiModelProperty(value = "标题")
+      private String title;
+
+      @ApiModelProperty(value = "关键词")
+      private String keyword;
+
+      @ApiModelProperty(value = "描述")
+      private String description;
+
+      @ApiModelProperty(value = "站点")
+      private Integer siteId;
+
+}

src/main/java/com/huoran/iasf/entity/SysContent.java

@@ -37,7 +37,7 @@ public class SysContent implements Serializable {
     private Integer columnId;
 
     @ApiModelProperty(value = "发布时间")
-    private Date releaseTime;
+    private String releaseTime;
 
     @ApiModelProperty(value = "来源")
     private String source;
@@ -111,10 +111,10 @@ public class SysContent implements Serializable {
     private String audit;
 
     @ApiModelProperty(value = "活动开始时间")
-    private Date activityStartTime;
+    private String activityStartTime;
 
     @ApiModelProperty(value = "活动结束时间")
-    private Date activityEndTime;
+    private String activityEndTime;
 
     @ApiModelProperty(value = "演讲系列")
     private String lectureSeries;
@@ -159,4 +159,66 @@ public class SysContent implements Serializable {
     @ApiModelProperty(value = "文章附件")
     @TableField(exist = false)
     List<SysContentFile> fileList;
+
+
+    @ApiModelProperty(value = "刊物名称")
+    private String periodicalName;
+
+    @ApiModelProperty(value = "卷")
+    private String reel;
+
+    @ApiModelProperty(value = "文献号")
+    private String documentNumber;
+
+    @ApiModelProperty(value = "文章关键字")
+    private String articleKeyWord;
+
+    /*@ApiModelProperty(value = "顺序(排序号)")
+    private Integer sequence;*/
+
+    @ApiModelProperty(value = "是否置顶(默认为0 不置顶 1为置顶)")
+    private Integer isTop;
+
+    @ApiModelProperty(value = "置顶时间")
+    private Date topTime;
+    @ApiModelProperty(value = "专利类别id")
+    private Integer patentClassId;
+
+    @ApiModelProperty(value = "申请时间")
+    private String applicationDate;
+
+    @ApiModelProperty(value = "授权日期")
+    private String dateOfAuthorization;
+
+    @ApiModelProperty(value = "发明人")
+    private String inventor;
+
+    @ApiModelProperty(value = "专利名称")
+    private String patentName;
+
+    @ApiModelProperty(value = "申请号")
+    private String applicationNumber;
+
+    @ApiModelProperty(value = "出版社")
+    private String publishingHouse;
+
+    @ApiModelProperty(value = "著名著作")
+    private String famousWorks;
+
+    @ApiModelProperty(value = "编写人员")
+    private String writersAndEditors;
+
+    @ApiModelProperty(value = "出版日期")
+    private String publicationTime;
+
+
+    @ApiModelProperty(value = "岗位")
+    private String post;
+
+    @ApiModelProperty(value = "专业")
+    private String major;
+    @ApiModelProperty(value = "爱好")
+    private String hobby;
+    @ApiModelProperty(value = "荣誉")
+    private String honor;
 }

src/main/java/com/huoran/iasf/entity/SysDept.java

@@ -1,9 +1,6 @@
 package com.huoran.iasf.entity;
 
-import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.*;
-import com.baomidou.mybatisplus.annotation.IdType;
-import com.baomidou.mybatisplus.annotation.TableField;
-import com.baomidou.mybatisplus.annotation.TableId;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
@@ -60,7 +57,7 @@ public class SysDept implements Serializable {
     @TableField(fill = FieldFill.INSERT_UPDATE)
     private Date updateTime;
 
-    @TableField(fill = FieldFill.INSERT)
+    @TableLogic
     private Integer deleted;
 
 }

src/main/java/com/huoran/iasf/entity/UserGroup.java

@@ -47,6 +47,7 @@ public class UserGroup extends BaseEntity implements Serializable {
     private Date updateTime;
 
     @ApiModelProperty(value = "是否删除(1未删除；0已删除)")
+    @TableLogic
     private Integer deleted;
 
 }

src/main/java/com/huoran/iasf/mapper/SeoMapper.java

@@ -0,0 +1,16 @@
+package com.huoran.iasf.mapper;
+
+import com.huoran.iasf.entity.Seo;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+
+/**
+ * <p>
+ *  Mapper 接口
+ * </p>
+ *
+ * @author cheney
+ * @since 2023-08-24
+ */
+public interface SeoMapper extends BaseMapper<Seo> {
+
+}

src/main/java/com/huoran/iasf/mapper/SysColumnMapper.java

@@ -34,7 +34,7 @@ public interface SysColumnMapper extends BaseMapper<SysColumn> {
     //依据子级查询父级
     List<FatherContentRespVO> getParentInformationBasedOnChild(@Param("id")Integer id);
 
-    List<SysColumn> getsTheSubColumn(@Param("parentId")Integer parentId ,@Param("ids")String ids ,@Param("isSort")Integer isSort);
+    List<SysColumn> getsTheSubColumn(@Param("parentId")Integer parentId ,@Param("ids")String ids ,@Param("isSort")Integer isSort,@Param("siteId")Integer siteId);
 
 
     Integer oneLevelChecksThemAll(@Param("theChildId")Integer theChildId);

src/main/java/com/huoran/iasf/mapper/SysContentMapper.java

@@ -3,6 +3,7 @@ package com.huoran.iasf.mapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.huoran.iasf.common.utils.R;
+import com.huoran.iasf.entity.SysColumn;
 import com.huoran.iasf.entity.SysContent;
 import com.huoran.iasf.entity.SysContentClassification;
 import com.huoran.iasf.entity.SysContentLabel;
@@ -31,4 +32,15 @@ public interface SysContentMapper extends BaseMapper<SysContent> {
 
 
     List<PageContentRespVO> columnConditionsFilterArticles(@Param("columnId")String columnId);
+
+    /*Integer selectNextId(@Param("content")SysContent sysContent);
+
+    Integer updateSortById(@Param("content")SysContent sysContent);
+
+    Integer selectPreviousId(@Param("content")SysContent sysContent);*/
+
+
+   List<SysColumn> queryArticleColumnParent(@Param("columnId")Integer columnId);
+
+
 }

src/main/java/com/huoran/iasf/mapper/SysDeptMapper.java

@@ -2,6 +2,7 @@ package com.huoran.iasf.mapper;
 
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.huoran.iasf.entity.SysDept;
+import org.apache.ibatis.annotations.Mapper;
 
 /**
  * 部门 Mapper
@@ -10,5 +11,6 @@ import com.huoran.iasf.entity.SysDept;
  * @version V1.0
  * @date 2022年7月28日
  */
+@Mapper
 public interface SysDeptMapper extends BaseMapper<SysDept> {
 }

src/main/java/com/huoran/iasf/mapper/SysFilesMapper.java

@@ -1,7 +1,11 @@
 package com.huoran.iasf.mapper;
 
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.huoran.iasf.entity.SysFilesEntity;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
 
 /**
  * 文件上传 Mapper
@@ -10,6 +14,8 @@ import com.huoran.iasf.entity.SysFilesEntity;
  * @version V1.0
  * @date 2022年7月28日
  */
+@Mapper
 public interface SysFilesMapper extends BaseMapper<SysFilesEntity> {
 
+    IPage<SysFilesEntity> fileList(Page<SysFilesEntity> page, @Param("req")SysFilesEntity sysFiles);
 }

src/main/java/com/huoran/iasf/mapper/SysUserMapper.java

@@ -19,5 +19,5 @@ public interface SysUserMapper extends BaseMapper<SysUser> {
 
     IPage<UserListResp> userList(Page<UserListResp> page,@Param("req") UserListReq userListReq);
 
-    UserListResp detailInfo(String id);
+    UserListResp detailInfo(Integer id);
 }

src/main/java/com/huoran/iasf/mapper/xml/SeoMapper.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.huoran.iasf.mapper.SeoMapper">
+
+</mapper>

src/main/java/com/huoran/iasf/mapper/xml/SysColumnMapper.xml

@@ -33,8 +33,8 @@
     <select id="filter" resultType="com.huoran.iasf.entity.SysColumn">
         SELECT
         *,
-        ( SELECT u.username FROM sys_user u WHERE u.id = s.founder_id ) AS creteUser,
+        ( SELECT u.real_name FROM sys_user u WHERE u.id = s.founder_id ) AS creteUser,
-        ( SELECT u.username FROM sys_user u WHERE u.id = s.editor_id ) AS editorUser,
+        ( SELECT u.real_name FROM sys_user u WHERE u.id = s.editor_id ) AS editorUser,
         ( SELECT t.template_type FROM sys_template t WHERE t.id = s.template_id ) AS templateName,
         ( SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.list_style_id ) AS listStyle,
         ( SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.detail_style_id ) AS detailStyle,
@@ -61,8 +61,8 @@
 
 
     <select id="longPageColumnList" resultType="com.huoran.iasf.vo.resp.PageContentRespVO">
-        SELECT (SELECT u.username FROM sys_user u WHERE u.id = c.founder_id) AS founderName,
+        SELECT (SELECT u.real_name FROM sys_user u WHERE u.id = c.founder_id) AS founderName,
-               (SELECT u.username FROM sys_user u WHERE u.id = c.editor_id)  AS editorName,
+               (SELECT u.real_name FROM sys_user u WHERE u.id = c.editor_id)  AS editorName,
                c.*
         FROM sys_column c
         WHERE deleted = 1
@@ -93,8 +93,8 @@
     <select id="filterMenuVisible" resultType="com.huoran.iasf.entity.SysColumn">
         SELECT
         *,
-        ( SELECT u.username FROM sys_user u WHERE u.id = s.founder_id ) AS creteUser,
+        ( SELECT u.real_name FROM sys_user u WHERE u.id = s.founder_id ) AS creteUser,
-        ( SELECT u.username FROM sys_user u WHERE u.id = s.editor_id ) AS editorUser,
+        ( SELECT u.real_name FROM sys_user u WHERE u.id = s.editor_id ) AS editorUser,
         ( SELECT t.template_type FROM sys_template t WHERE t.id = s.template_id ) AS templateName,
         ( SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.list_style_id ) AS listStyle,
         ( SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.detail_style_id ) AS detailStyle,
@@ -148,15 +148,15 @@
     </select>-->
     <select id="getsTheSubColumn" resultType="com.huoran.iasf.entity.SysColumn">
         SELECT *,
-        (SELECT u.username FROM sys_user u WHERE u.id = s.founder_id) AS creteUser,
+        (SELECT u.real_name FROM sys_user u WHERE u.id = s.founder_id) AS creteUser,
-        (SELECT u.username FROM sys_user u WHERE u.id = s.editor_id) AS editorUser,
+        (SELECT u.real_name FROM sys_user u WHERE u.id = s.editor_id) AS editorUser,
         (SELECT t.template_type FROM sys_template t WHERE t.id = s.template_id) AS templateName,
         (SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.list_style_id) AS listStyle,
         (SELECT sty.style FROM sys_template_style sty WHERE sty.id = s.detail_style_id) AS detailStyle,
         (SELECT sty.path FROM sys_template_style sty WHERE sty.id = s.list_style_id) AS path
         FROM sys_column s
         WHERE deleted = 1
-        AND site_id = 1
+        AND site_id =#{siteId}
         <if test="ids != '' and ids!= null">
             and FIND_IN_SET(s.id, #{ids})
         </if>

src/main/java/com/huoran/iasf/mapper/xml/SysContentMapper.xml

@@ -4,9 +4,11 @@
     <select id="articlePaginationList" resultType="com.huoran.iasf.vo.resp.PageContentRespVO">
         SELECT c.*,
         (SELECT sys_column.column_name FROM sys_column WHERE sys_column.id = c.column_id) AS columnName,
-        (SELECT u.username FROM sys_user u WHERE u.id = c.founder_id) AS founderName,
+        (SELECT u.real_name FROM sys_user u WHERE u.id = c.founder_id) AS founderName,
-        (SELECT u.username FROM sys_user u WHERE u.id = c.editor_id) AS editorName,
+        (SELECT u.real_name FROM sys_user u WHERE u.id = c.editor_id) AS editorName,
-        (SELECT type_id from sys_column WHERE sys_column.id = c.column_id) as typeId
+        (SELECT type_id from sys_column WHERE sys_column.id = c.column_id) as typeId,
+        IFNULL( ( SELECT c1.classification_name FROM sys_content_classification c1 WHERE c1.id = c.classification_id ),
+        '暂无' ) AS classificationName
         FROM sys_content c
         WHERE c.deleted = 1 and site_id = #{req.siteId}
         <if test="req.columnIds != null and req.columnIds.size() > 0 ">
@@ -22,13 +24,13 @@
             and title LIKE CONCAT('%',#{req.title},'%')
         </if>
         <if test="req.founder != null and req.founder != ''">
-            AND ( SELECT u.username FROM sys_user u WHERE u.id = c.founder_id ) LIKE
+            AND ( SELECT u.real_name FROM sys_user u WHERE u.id = c.founder_id ) LIKE
             CONCAT('%',#{req.founder},'%')
         </if>
 
 
         <if test="req.editor != null and req.editor != ''">
-            AND ( SELECT u.username FROM sys_user u WHERE u.id = c.editor_id ) LIKE CONCAT('%',#{req.editor},'%')
+            AND ( SELECT u.real_name FROM sys_user u WHERE u.id = c.editor_id ) LIKE CONCAT('%',#{req.editor},'%')
         </if>
 
         <if test="req.column != null and req.column != ''">
@@ -36,7 +38,45 @@
             CONCAT('%',#{req.column},'%')
         </if>
 
-        ORDER BY c.create_time desc
+
+        <if test="req.isDisable != null and req.isDisable != '' or req.isDisable==0">
+            AND c.is_disable = #{req.isDisable}
+        </if>
+
+        <choose>
+            <when test="req.modifiedTimeSort ==0">
+                ORDER BY c.update_time desc
+            </when>
+
+            <when test="req.modifiedTimeSort ==1">
+                ORDER BY c.update_time asc
+            </when>
+
+            <when test="req.publicationTimeSort ==0">
+                ORDER BY c.release_time desc
+            </when>
+
+            <when test="req.publicationTimeSort ==1">
+                ORDER BY c.release_time asc
+            </when>
+
+            <when test="req.topSort ==0">
+                ORDER BY is_top asc,
+                top_time asc
+            </when>
+
+            <when test="req.topSort ==1">
+                ORDER BY is_top desc,
+                top_time DESC
+            </when>
+
+            <otherwise>
+                ORDER BY
+                release_time DESC,
+                create_time DESC
+            </otherwise>
+        </choose>
+
 
     </select>
 
@@ -48,8 +88,8 @@
         (
         SELECT
         s.*,
-        ( SELECT GROUP_CONCAT( label_name ) FROM sys_content_label l WHERE deleted = 1 AND FIND_IN_SET( l.id, s.lable_id
+        ( SELECT GROUP_CONCAT( l.id ) FROM sys_content_label l WHERE deleted = 1 AND FIND_IN_SET( l.id, s.lable_id
-        ) ) AS labelName,
+        ) ) AS labelId,
         ( SELECT c.classification_name FROM sys_content_classification c WHERE deleted = 1 AND s.classification_id =
         c.id ) AS classificationName ,
         (SELECT c.column_name from sys_column c WHERE c.id = s.column_id) as columnName
@@ -67,7 +107,7 @@
         <if test="req.labelName != null and req.labelName.size() > 0 ">
             and
             <foreach collection="req.labelName" item="item" index="index" open="(" separator="or" close=")">
-                t.labelName LIKE CONCAT('%',#{item},'%')
+                FIND_IN_SET( #{item}, t.labelId)
             </foreach>
         </if>
 
@@ -81,6 +121,51 @@
         </if>
 
 
+        <if test="req.patentClassId != null and req.patentClassId != ''">
+            AND patent_class_id = #{req.patentClassId}
+        </if>
+
+
+        <if test="req.applicationDate != null and req.applicationDate != ''">
+            AND application_date = #{req.applicationDate}
+        </if>
+
+
+        <if test="req.publicationTime != null and req.publicationTime != ''">
+            AND publication_time = #{req.publicationTime}
+        </if>
+
+        <if test="req.publicationYear != null and req.publicationYear != ''">
+            AND publication_year = #{req.publicationYear}
+        </if>
+
+        <if test="req.publicationStartTime != null and req.publicationStartTime != ''  ">
+            AND publication_year &gt; #{req.publicationStartTime}
+        </if>
+
+        <if test="req.endOfPublicationTime != null and req.endOfPublicationTime != ''">
+            AND publication_year &lt; #{req.endOfPublicationTime}
+        </if>
+
+
+        <if test="req.patentQueryKeyWord != null and req.patentQueryKeyWord != ''">
+            AND ( title LIKE CONCAT( '%',#{req.patentQueryKeyWord},'%' ) OR inventor LIKE CONCAT( '%',#{req.patentQueryKeyWord},'%' )OR application_number LIKE CONCAT( '%',#{req.patentQueryKeyWord},'%' ))
+        </if>
+
+
+        <if test="req.monographQueryKeyWord != null and req.monographQueryKeyWord != ''">
+            AND ( title LIKE CONCAT( '%',#{req.monographQueryKeyWord},'%' ) OR writers_and_editors LIKE CONCAT( '%',#{req.monographQueryKeyWord},'%' )OR publishing_house LIKE CONCAT( '%',#{req.monographQueryKeyWord},'%' ))
+        </if>
+
+
+        <if test="req.paperQueryKeyWord != null and req.paperQueryKeyWord != ''">
+            AND ( author LIKE CONCAT( '%',#{req.paperQueryKeyWord},'%' ) OR periodical_name LIKE CONCAT( '%',#{req.paperQueryKeyWord},'%' )OR title LIKE CONCAT( '%',#{req.paperQueryKeyWord},'%' ))
+        </if>
+
+
+
+
+
         <if test="req.columnIds != null and req.columnIds.size() > 0 ">
             and t.column_id in
             <foreach item="item" index="index" collection="req.columnIds"
@@ -105,7 +190,10 @@
             </when>
             <otherwise>
                 ORDER BY
-                t.create_time DESC
+                is_top = 1 DESC,
+                top_time DESC,
+                release_time DESC,
+                create_time DESC
             </otherwise>
         </choose>
 
@@ -133,33 +221,54 @@
         sys_content c
         WHERE
         deleted = 1
-        AND site_id = 1
+        AND site_id = #{req.siteId}
         <if test="req.title != null and req.title != ''">
             AND title LIKE
             CONCAT('%',#{req.title},'%')
         </if>
+        ORDER BY
+        is_top = 1 DESC,
+        top_time DESC,
+        release_time DESC,
+        create_time DESC
     </select>
     <select id="columnConditionsFilterArticles" resultType="com.huoran.iasf.vo.resp.PageContentRespVO">
-        SELECT
+        SELECT t.*,
-            t.*,
                (SELECT cl.list_style_id FROM sys_column cl WHERE cl.id = t.column_id) AS listStyleId
-        FROM
+        FROM (SELECT s.*,
-            (
+                     (SELECT GROUP_CONCAT(label_name)
-                SELECT
+                      FROM sys_content_label l
-                    s.*,
+                      WHERE deleted = 1
-                    ( SELECT GROUP_CONCAT( label_name ) FROM sys_content_label l WHERE deleted = 1 AND FIND_IN_SET( l.id, s.lable_id ) ) AS labelName,
+                        AND FIND_IN_SET(l.id, s.lable_id)) AS labelName,
-                    ( SELECT c.classification_name FROM sys_content_classification c WHERE deleted = 1 AND s.classification_id = c.id ) AS classificationName
+                     (SELECT c.classification_name
-                FROM
+                      FROM sys_content_classification c
-                    sys_content s
+                      WHERE deleted = 1
-                WHERE
+                        AND s.classification_id = c.id)    AS classificationName
-                    s.deleted = 1
+              FROM sys_content s
+              WHERE s.deleted = 1
                 AND is_disable = 0
-                  AND is_release = 1
+                AND is_release = 1) t
-            ) t
+        WHERE FIND_IN_SET(t.column_id, #{columnId})
-        WHERE
-            FIND_IN_SET( t.column_id, #{columnId} )
 
-        ORDER BY t.create_time desc
+        ORDER BY is_top = 1 DESC,
+                 top_time DESC,
+                 release_time DESC,
+                 create_time DESC
+    </select>
+    <select id="queryArticleColumnParent" resultType="com.huoran.iasf.entity.SysColumn">
+        SELECT t2.*
+        FROM (
+        SELECT
+        @r AS _id,
+        (SELECT @r := father_id FROM sys_column WHERE id = _id) AS father_id,
+        @l := @l + 1 AS lvl
+        FROM
+        (SELECT @r := #{columnId}, @l := 0) vars,
+        sys_column h
+        WHERE @r != 0) T1
+        JOIN sys_column T2
+        ON T1._id = T2.id and deleted = 1
+        ORDER BY T1.lvl DESC
     </select>
 
 

src/main/java/com/huoran/iasf/mapper/xml/SysFilesMapper.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.huoran.iasf.mapper.SysFilesMapper">
+
+    <select id="fileList" resultType="com.huoran.iasf.entity.SysFilesEntity"
+            parameterType="com.huoran.iasf.entity.SysFilesEntity">
+        SELECT
+            f.id,
+            f.url,
+            f.file_name,
+            f.format,
+            f.file_size,
+            f.type,
+            f.deleted,
+            f.quote,
+            f.site,
+            f.is_release,
+            f.is_del,
+            f.quote_id,
+            f.quote_type,
+            f.create_date,
+            u.real_name AS uploader
+        FROM
+            sys_files f
+                LEFT JOIN sys_user u ON f.uploader = u.id
+        WHERE f.deleted = 1
+          AND f.is_release = 1
+          AND f.is_del = 0
+          and f.quote is not null
+        <if test="req.site != '' and req.site != null">
+            AND f.site = #{req.site}
+        </if>
+        <if test="req.type != '' and req.type != null">
+            AND f.type = #{req.type}
+        </if>
+        <if test="req.fileName != '' and req.fileName != null">
+            AND f.file_name LIKE '%' #{req.fileName} '%'
+        </if>
+        <if test="req.uploader != '' and req.uploader != null">
+            AND u.real_name LIKE '%' #{req.uploader} '%'
+        </if>
+        <if test="req.quote != '' and req.quote != null">
+            AND f.quote LIKE '%' #{req.quote} '%'
+        </if>
+        ORDER BY
+            f.create_date DESC
+    </select>
+</mapper>

src/main/java/com/huoran/iasf/mapper/xml/SysPermissionMapper.xml

@@ -7,7 +7,7 @@
             ap.*
         FROM
             sys_role_permission ar
-        left join sys_permission ap on ar.permission_id = ap.id
+         join sys_permission ap on ar.permission_id = ap.id
         where find_in_set(ar.role_id,#{roleIds})
         GROUP BY ap.id
     </select>

src/main/java/com/huoran/iasf/service/HttpSessionService.java

@@ -171,9 +171,9 @@ public class HttpSessionService {
     /**
      * 使多个用户的token失效
      */
-    public void abortUserByUserIds(List<Integer> userIds) {
+    public void abortUserByUserIds(List<String> userIds) {
         if (CollectionUtils.isNotEmpty(userIds)) {
-            for (Integer id : userIds) {
+            for (String id : userIds) {
                 redisService.delKeys(userTokenPrefix + "*#" + id);
             }
 

src/main/java/com/huoran/iasf/service/RoleService.java

@@ -33,7 +33,7 @@ public interface RoleService extends IService<SysRole> {
      *
      * @param id id
      */
-    void deletedRole(List<Integer> ids);
+    void deletedRole(List<String> ids);
 
     /**
      * 根据userId获取绑定的角色

src/main/java/com/huoran/iasf/service/SeoService.java

@@ -0,0 +1,16 @@
+package com.huoran.iasf.service;
+
+import com.huoran.iasf.entity.Seo;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+/**
+ * <p>
+ *  服务类
+ * </p>
+ *
+ * @author cheney
+ * @since 2023-08-24
+ */
+public interface SeoService extends IService<Seo> {
+
+}

src/main/java/com/huoran/iasf/service/SysColumnService.java

@@ -7,6 +7,7 @@ import com.huoran.iasf.vo.req.ColumnWeightReqVO;
 import com.huoran.iasf.vo.req.LongPageColumnReqVO;
 import com.huoran.iasf.vo.req.PageContentReqVO;
 import com.huoran.iasf.vo.req.PaginationColumnReqVO;
+import org.springframework.cache.annotation.CacheEvict;
 
 import java.util.List;
 
@@ -30,15 +31,15 @@ public interface SysColumnService extends IService<SysColumn> {
     R longPageColumnList(LongPageColumnReqVO reqVO);
 
 
-    R getsTheSubColumn(Integer parentId,String ids);
+    R getsTheSubColumn(Integer parentId,String ids,Integer siteId);
+    void removeArticles(Integer columnId);
 
-
+    R getsSublevelColumnsUnderALevel(Integer parentId,String ids,Integer siteId);
-    R getsSublevelColumnsUnderALevel(Integer parentId,String ids);
 
     Integer oneLevelChecksThemAll(Integer theChildId);
 
 
-    R getSubColumn(Integer parentId,String ids,Integer isSort);
+    R getSubColumn(Integer parentId,String ids,Integer isSort,Integer siteId);
 
     R queryArticlesByColumnType(String ids,Integer id);
 

src/main/java/com/huoran/iasf/service/SysContentService.java

@@ -3,9 +3,12 @@ package com.huoran.iasf.service;
 import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysContent;
 import com.baomidou.mybatisplus.extension.service.IService;
+import com.huoran.iasf.vo.req.ArticleModifiedSortReq;
 import com.huoran.iasf.vo.req.ContentHeavyTitleReqVO;
 import com.huoran.iasf.vo.req.PageContentReqVO;
+import io.swagger.annotations.ApiParam;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
 
 import java.util.List;
 
@@ -36,4 +39,10 @@ public interface SysContentService extends IService<SysContent> {
 
     R siteSearchArticles(PageContentReqVO req);
 
+    R queryArticleColumnParent(Integer articleId);
+
+//    R modifiedSort(List<ArticleModifiedSortReq> reqList);
+
+//    R modifiedSort(Integer sequenceNumber, Integer articleId);
+
 }

src/main/java/com/huoran/iasf/service/SysFilesService.java

@@ -1,6 +1,7 @@
 package com.huoran.iasf.service;
 
 import com.baomidou.mybatisplus.extension.service.IService;
+import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysFilesEntity;
 import com.huoran.iasf.vo.UEditorResultVO;
 import com.huoran.iasf.vo.req.FileParameters;
@@ -29,5 +30,7 @@ public interface SysFilesService extends IService<SysFilesEntity> {
     void preview(String id, HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException;
 
     void download(String id, HttpServletRequest req, HttpServletResponse res);
+
+    R getPage(SysFilesEntity sysFiles);
 }
 

src/main/java/com/huoran/iasf/service/UserService.java

@@ -53,7 +53,7 @@ public interface UserService extends IService<SysUser> {
      */
     void updatePwd(SysUser vo);
 
-    UserListResp detailInfo(String id);
+    UserListResp detailInfo(Integer id);
 
     R resetPwd(String userId);
 
@@ -66,4 +66,6 @@ public interface UserService extends IService<SysUser> {
     R updatePhoneOrEmail(UpdatePhoneOrEmailReq updatePhoneOrEmailReq);
 
     R updateUserAvatars(String userId, MultipartFile file);
+
+    boolean checkPassword(String password);
 }

src/main/java/com/huoran/iasf/service/impl/DeptServiceImpl.java

@@ -86,12 +86,12 @@ public class DeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> impleme
         }
         sysDeptMapper.updateById(vo);
         //说明层级发生了变化
-        if (!StringUtils.isEmpty(vo.getPid()) && !vo.getPid().equals(sysDept.getPid())) {
+        /*if (!StringUtils.isEmpty(vo.getPid()) && !vo.getPid().equals(sysDept.getPid())) {
             SysDept parent = sysDeptMapper.selectById(vo.getPid());
             if (!"0".equals(vo.getPid()) && null == parent) {
                 throw new BusinessException(BaseResponseCode.DATA_ERROR);
             }
-            /*SysDept oldParent = sysDeptMapper.selectById(sysDept.getPid());
+            *//*SysDept oldParent = sysDeptMapper.selectById(sysDept.getPid());
             String oldRelationCode;
             String newRelationCode;
             //根目录降到其他目录
@@ -104,16 +104,16 @@ public class DeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> impleme
             } else {
                 oldRelationCode = oldParent.getRelationCode();
                 newRelationCode = parent.getRelationCode();
-            }*/
+            }*//*
-            /*LambdaQueryWrapper<SysDept> wrapper = Wrappers.lambdaQuery();
+            *//*LambdaQueryWrapper<SysDept> wrapper = Wrappers.lambdaQuery();
             wrapper.likeLeft(SysDept::getDeptNo, sysDept.getDeptNo());
             List<SysDept> list = sysDeptMapper.selectList(wrapper);
             list.parallelStream().forEach(entity -> {
                 String relationCode = entity.getRelationCode().replace(oldRelationCode, newRelationCode);
                 entity.setRelationCode(relationCode);
                 sysDeptMapper.updateById(entity);
-            });*/
+            });*//*
-        }
+        }*/
     }
 
     @Override
@@ -122,15 +122,20 @@ public class DeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> impleme
         if (null == sysDept) {
             throw new BusinessException(BaseResponseCode.DATA_ERROR);
         }
-        List<Object> deptIds = sysDeptMapper.selectObjs(Wrappers.<SysDept>lambdaQuery().select(SysDept::getId).likeRight(SysDept::getRelationCode, sysDept.getRelationCode()));
+//        List<Object> deptIds = sysDeptMapper.selectObjs(Wrappers.<SysDept>lambdaQuery().select(SysDept::getId).likeRight(SysDept::getRelationCode, sysDept.getRelationCode()));
-        /*List<SysUser> list = sysUserMapper.selectList(Wrappers.<SysUser>lambdaQuery().in(SysUser::getDeptId, deptIds));
+
-        if (!CollectionUtils.isEmpty(list)) {
+        List<UserDept> list = userDeptMapper.selectList(Wrappers.<UserDept>lambdaQuery().in(UserDept::getDeptId, id));
-            throw new BusinessException(BaseResponseCode.NOT_PERMISSION_DELETED_DEPT);
-        }*/
-        List<UserDept> list = userDeptMapper.selectList(Wrappers.<UserDept>lambdaQuery().in(UserDept::getDeptId, deptIds));
         if (!CollectionUtils.isEmpty(list)) {
             throw new BusinessException(BaseResponseCode.NOT_PERMISSION_DELETED_DEPT);
         }
+        //查询是否有子级部门
+        QueryWrapper<SysDept> deptQueryWrapper = new QueryWrapper<>();
+        deptQueryWrapper.eq("pid",sysDept.getId());
+        List<SysDept> sysDepts = sysDeptMapper.selectList(deptQueryWrapper);
+        if (sysDepts!=null&& sysDepts.size()>0){
+            throw new BusinessException(BaseResponseCode.DELETE_SUB_DEPARTMENTS_FIRST);
+        }
+
         sysDeptMapper.deleteById(id);
     }
 

src/main/java/com/huoran/iasf/service/impl/PermissionServiceImpl.java

@@ -6,6 +6,7 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.huoran.iasf.common.exception.BusinessException;
+import com.huoran.iasf.common.exception.UnauthorizedException;
 import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.entity.SysPermission;
 import com.huoran.iasf.entity.SysRolePermission;
@@ -83,12 +84,12 @@ public class PermissionServiceImpl extends ServiceImpl<SysPermissionMapper, SysP
         SysPermission sysPermission = sysPermissionMapper.selectById(permissionId);
         if (null == sysPermission) {
             log.error("传入 的 id:{}不合法", permissionId);
-            throw new BusinessException(BaseResponseCode.DATA_ERROR);
+            throw new UnauthorizedException(BaseResponseCode.DATA_ERROR);
         }
         //获取下一级
         List<SysPermission> childs = sysPermissionMapper.selectList(Wrappers.<SysPermission>lambdaQuery().eq(SysPermission::getPid, permissionId));
         if (!CollectionUtils.isEmpty(childs)) {
-            throw new BusinessException(BaseResponseCode.ROLE_PERMISSION_RELATION);
+            throw new UnauthorizedException(BaseResponseCode.ROLE_PERMISSION_RELATION);
         }
         sysPermissionMapper.deleteById(permissionId);
         //删除和角色关联
@@ -237,7 +238,7 @@ public class PermissionServiceImpl extends ServiceImpl<SysPermissionMapper, SysP
      * 获取所有菜单权限按钮
      */
     @Override
-    @Cacheable(value = {"permission"},key = "#root.methodName")
+//    @Cacheable(value = {"permission"},key = "#root.methodName")
     public List<SysPermission> selectAllByTree() {
         List<SysPermission> permissionList = baseMapper.selectList(null);
         return build(permissionList);

src/main/java/com/huoran/iasf/service/impl/RoleServiceImpl.java

@@ -104,11 +104,11 @@ public class RoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impleme
 
     @Transactional(rollbackFor = Exception.class)
     @Override
-    public void deletedRole(List<Integer> ids) {
+    public void deletedRole(List<String> ids) {
 
-        for (Integer id : ids) {
+        for (String id : ids) {
             //获取关联userId
-            List<Integer> userIds = userRoleService.getUserIdsByRoleId(id);
+            List<Integer> userIds = userRoleService.getUserIdsByRoleId(Integer.valueOf(id));
             //删除角色
             sysRoleMapper.deleteById(id);
             //删除角色权限关联

src/main/java/com/huoran/iasf/service/impl/SeoServiceImpl.java

@@ -0,0 +1,20 @@
+package com.huoran.iasf.service.impl;
+
+import com.huoran.iasf.entity.Seo;
+import com.huoran.iasf.mapper.SeoMapper;
+import com.huoran.iasf.service.SeoService;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import org.springframework.stereotype.Service;
+
+/**
+ * <p>
+ *  服务实现类
+ * </p>
+ *
+ * @author cheney
+ * @since 2023-08-24
+ */
+@Service
+public class SeoServiceImpl extends ServiceImpl<SeoMapper, Seo> implements SeoService {
+
+}

src/main/java/com/huoran/iasf/service/impl/SysColumnServiceImpl.java

@@ -1,5 +1,6 @@
 package com.huoran.iasf.service.impl;
 
+import cn.hutool.core.util.ObjectUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@@ -17,6 +18,8 @@ import com.huoran.iasf.vo.req.PageContentReqVO;
 import com.huoran.iasf.vo.req.PaginationColumnReqVO;
 import com.huoran.iasf.vo.resp.PageContentRespVO;
 import org.springframework.beans.BeanUtils;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.Cacheable;
 import org.springframework.stereotype.Service;
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -40,9 +43,19 @@ public class SysColumnServiceImpl extends ServiceImpl<SysColumnMapper, SysColumn
     @Override
     public boolean sameLevelJudgment(ColumnWeightReqVO column) {
         QueryWrapper<SysColumn> queryWrapper = new QueryWrapper<>();
+
+
         queryWrapper.eq("column_name", column.getColumnName());
-        queryWrapper.eq("level", column.getLevel());
+
+        if (column.getId() != null) {
+            queryWrapper.eq("father_id", column.getId());
+        } else {
+            queryWrapper.eq("father_id", 0);
+        }
+
+
         queryWrapper.eq("site_id", column.getSiteId());
+        queryWrapper.eq("deleted", 1);
         SysColumn sysColumn = mapper.selectOne(queryWrapper);
         if (sysColumn != null) {
             if (column.getId() != null) {
@@ -91,6 +104,12 @@ public class SysColumnServiceImpl extends ServiceImpl<SysColumnMapper, SysColumn
 
     @Override
     public List<SysColumn> listWithTreeMenuVisible(PaginationColumnReqVO column) {
+
+        if (column.getRole() == null) {
+
+        } else if (column.getRole() != null || column.getRole().equals("admin") || ObjectUtil.isNotNull(column.isIsadmin()) || column.isIsadmin()) {
+            throw new IllegalArgumentException("参数名不能包含admin");
+        }
         //查询所有栏目
         List<SysColumn> columnList = baseMapper.filterMenuVisible(column);
 
@@ -138,16 +157,22 @@ public class SysColumnServiceImpl extends ServiceImpl<SysColumnMapper, SysColumn
     }
 
     @Override
-    public R getsTheSubColumn(Integer pid, String ids) {
+//    @CacheEvict(value = "articles", key = "#id")
+    public void removeArticles(Integer id) {
+
+    }
+
+    @Override
+    public R getsTheSubColumn(Integer pid, String ids,Integer siteId) {
 
-        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(pid, ids,null);
+        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(pid, ids, null,siteId);
         return R.success(TreeStructureUtils.buildTree(getsTheSubColumn, pid));
     }
 
     @Override
-    public R getsSublevelColumnsUnderALevel(Integer parentId, String ids) {
+    public R getsSublevelColumnsUnderALevel(Integer parentId, String ids,Integer siteId) {
 
-        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(parentId, ids,null);
+        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(parentId, ids, null,siteId);
         List<SysColumn> buildTree = TreeStructureUtils.buildTree(getsTheSubColumn, parentId);
         return R.success(buildTree);
     }
@@ -159,12 +184,13 @@ public class SysColumnServiceImpl extends ServiceImpl<SysColumnMapper, SysColumn
     }
 
     @Override
-    public R getSubColumn(Integer parentId, String ids,Integer isSort) {
+    public R getSubColumn(Integer parentId, String ids, Integer isSort,Integer siteId) {
-        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(parentId, ids,isSort);
+        List<SysColumn> getsTheSubColumn = baseMapper.getsTheSubColumn(parentId, ids, isSort,siteId);
         return R.success(TreeStructureUtils.forMethod(getsTheSubColumn));
     }
 
     @Override
+//    @Cacheable(value = "articles", key = "#id")
     public R queryArticlesByColumnType(String ids, Integer id) {
 
         Integer count = 0;

src/main/java/com/huoran/iasf/service/impl/SysContentServiceImpl.java

@@ -1,5 +1,6 @@
 package com.huoran.iasf.service.impl;
 
+import cn.hutool.core.util.ObjectUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
@@ -8,16 +9,23 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.huoran.iasf.common.utils.Constant;
 import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysContent;
+import com.huoran.iasf.entity.SysContentFile;
+import com.huoran.iasf.mapper.SysContentFileMapper;
 import com.huoran.iasf.mapper.SysContentMapper;
 import com.huoran.iasf.service.SysContentService;
+import com.huoran.iasf.vo.req.ArticleModifiedSortReq;
 import com.huoran.iasf.vo.req.ContentHeavyTitleReqVO;
 import com.huoran.iasf.vo.req.PageContentReqVO;
 import com.huoran.iasf.vo.resp.PageContentRespVO;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Service;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.*;
+import java.util.concurrent.TimeUnit;
 
 /**
  * @描述：文章管理 服务类
@@ -27,11 +35,14 @@ import java.util.*;
 @Service
 public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysContent> implements SysContentService {
 
+    private final static Logger logger = LoggerFactory.getLogger(SysContentServiceImpl.class);
     @Autowired
     private SysContentMapper mapper;
 
     @Autowired
     private StringRedisTemplate redisTemplate;
+    @Autowired
+    private SysContentFileMapper fileMapper;
 
     @Override
     public boolean checkIfTheTitleIsRepeat(ContentHeavyTitleReqVO content) {
@@ -44,7 +55,7 @@ public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysCont
         if (sysContent != null) {
             if (content.getId() != null) {
                 //判断为编辑情况下，如果编辑的id与查询出来的一致不提示
-                if (content.getId() == content.getId()) {
+                if (content.getId().equals(content.getId())) {
                     return true;
                 }
             }
@@ -63,8 +74,19 @@ public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysCont
 
     @Override
     public R newlyPublishedArticles(PageContentReqVO reqVO) {
+        if (reqVO.getRole() == null) {
+
+        } else if (reqVO.getRole() != null || reqVO.getRole().equals("admin") || ObjectUtil.isNotNull(reqVO.isIsadmin()) || reqVO.isIsadmin()) {
+            throw new IllegalArgumentException("参数名不能包含admin");
+        }
         Page<PageContentRespVO> page = new Page<PageContentRespVO>(reqVO.getPageNum(), reqVO.getPageSize());
         IPage<PageContentRespVO> pageList = baseMapper.getPublishedArticles(page, reqVO);
+
+
+        for (PageContentRespVO vo : pageList.getRecords()) {
+            List<SysContentFile> fileList = fileMapper.getFileByContentId(vo.getId());
+            vo.setFileList(fileList);
+        }
         return R.success(pageList);
     }
 
@@ -110,6 +132,8 @@ public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysCont
         QueryWrapper<SysContent> queryWrapper = new QueryWrapper<>();
         queryWrapper.eq("deleted", Constant.DATA_NOT_DELETED);
         queryWrapper.eq("site_id", siteId);
+        queryWrapper.eq("is_release", Constant.ARTICLE_PUBLISHED);
+        queryWrapper.eq("is_disable", 0);
         queryWrapper.last(" ORDER BY total_browsing desc LIMIT 0,5");
 
         List<SysContent> contentList = baseMapper.selectList(queryWrapper);
@@ -123,6 +147,149 @@ public class SysContentServiceImpl extends ServiceImpl<SysContentMapper, SysCont
         return R.success(pageList);
     }
 
+    @Override
+    public R queryArticleColumnParent(Integer articleId) {
+        SysContent sysContent = baseMapper.selectById(articleId);
+
+        return R.success(baseMapper.queryArticleColumnParent(sysContent.getColumnId()));
+    }
+
+    /*@Override
+    public R modifiedSort(List<ArticleModifiedSortReq> reqList) {
+        for (ArticleModifiedSortReq req : reqList) {
+            SysContent content = new SysContent();
+            content.setId(req.getArticleId());
+            content.setSequence(req.getSequence());
+            baseMapper.updateById(content);
+        }
+        return R.success();
+    }
+
+    @Override
+    public R modifiedSort(Integer sequenceNumber, Integer articleId) {
+
+        // 占分布式锁，去redis占坑
+        // 1. 分布式锁占坑
+        Boolean lock = redisTemplate.opsForValue().setIfAbsent("articleSortLock", "value", 30, TimeUnit.SECONDS);
+        if (lock) {
+            //加锁成功...
+            if (sequenceNumber <= 0) {
+                redisTemplate.delete("articleSortLock");   //删除key，释放锁
+                return R.fail("请输入正确的序号!");
+            }
+            SysContent content = baseMapper.selectById(articleId);
+            //获取当前排序的序号
+            Integer currentSerialNumber = content.getSequence();
+            //获取当前文章所属栏目id
+            Integer columnId = content.getColumnId();
+
+            if (currentSerialNumber.equals(sequenceNumber)) {
+                redisTemplate.delete("articleSortLock");   //删除key，释放锁
+                return R.success();
+            }
+            //修改当前序号
+            UpdateWrapper<SysContent> updateWrapper = new UpdateWrapper<>();
+            updateWrapper.set("sequence", sequenceNumber);
+            updateWrapper.eq("id", articleId);
+            //做乐观锁处理
+            updateWrapper.eq("sequence", currentSerialNumber);
+            int updateCount = baseMapper.update(new SysContent(), updateWrapper);
+
+            UpdateWrapper<SysContent> updateWrapper1 = new UpdateWrapper<>();
+            updateWrapper1.ne("id", articleId);
+            //currentSerialNumber 当前文章的序号
+            //sequenceNumber 要更改的序号
+
+            *//**
+     * 就要判断排序是值改小还是改大
+     * 大改小比如53改5那就加一个语句“大于等于5并且小于53”
+     * 如果是小改大比如3改50那就是“大于3并且小于等于50"
+     *//*
+            if (currentSerialNumber > sequenceNumber) {
+                //改大 gt >
+                updateWrapper1.setSql("  sequence = sequence + 1");
+                updateWrapper1.last(" and sequence >= " + sequenceNumber + " and sequence < " + currentSerialNumber);
+            } else if (currentSerialNumber < sequenceNumber) {
+                //改小
+                //le为<=
+//                updateWrapper1.le("sequence", sequenceNumber);
+                updateWrapper1.setSql("  sequence = sequence - 1");
+                updateWrapper1.last(" and sequence > " + currentSerialNumber + " and sequence <= " + sequenceNumber);
+                //用于判断序号为本身就为1时候就不减了
+//                updateWrapper1.ne("sequence", 1);
+            }
+
+            updateWrapper1.eq("column_id", columnId);
+            updateWrapper1.eq("deleted", 1);
+            baseMapper.update(new SysContent(), updateWrapper1);
+            redisTemplate.delete("articleSortLock");   //删除key，释放锁
+            return R.success();
+        } else {
+            return R.fail("当前有用户操作排序，请稍后刷新重试!");
+        }
+
+
+    }*/
+
+    /*@Override
+    public R modifiedSort(Integer newIndex, Integer articleId,Integer sort) {
+        if (newIndex <= 0) {
+            return R.fail("请输入正确的序号!");
+        }
+        //获取当前排序的序号
+        SysContent content = baseMapper.selectById(articleId);
+        //获取当前文章所属栏目id
+        Integer columnId = content.getColumnId();
+        //查看当前升序情况下全部文章信息
+        QueryWrapper<SysContent> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("column_id", columnId);
+        queryWrapper.eq("deleted", 1);
+
+        if (sort==0){
+            queryWrapper.orderByAsc("sequence");
+        }else if (sort==1){
+            queryWrapper.orderByDesc("sequence");
+        }
+
+        List<SysContent> contentList = baseMapper.selectList(queryWrapper);
+        //获取当前序号在list中的顺序
+        int currentIndex = contentList.indexOf(content);
+        //获取当前排序的序号
+        Integer currentSerialNumber = content.getSequence();
+        if (currentIndex == -1) {
+            // 文章不存在，不做任何操作
+            return R.success();
+        }
+        //对于传过来的序号 处理用于匹配集合的下标
+        if (currentSerialNumber > newIndex) {
+            newIndex--;
+        }else {
+            newIndex++;
+        }
+
+        if (currentIndex == newIndex) {
+            // 新旧位置相同，不做任何操作
+            return R.success();
+        }
+        // 移除当前位置的文章
+        contentList.remove(content);
+        if (newIndex >= contentList.size()) {
+            // 插入到末尾
+            contentList.add(content);
+        } else {
+            // 插入到新位置
+            contentList.add(newIndex, content);
+        }
+        for (int i = 0; i < contentList.size(); i++) {
+            SysContent article = contentList.get(i);
+            article.setSequence(i + 1);
+            baseMapper.updateById(article);
+        }
+
+
+        return R.success();
+    }*/
+
 
 }
 

src/main/java/com/huoran/iasf/service/impl/SysFilesServiceImpl.java

@@ -4,12 +4,15 @@ import cn.hutool.core.io.FileUtil;
 import cn.hutool.core.io.IoUtil;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.huoran.iasf.common.config.FileUploadProperties;
 import com.huoran.iasf.common.config.NonStaticResourceHttpRequestConfig;
 import com.huoran.iasf.common.exception.BusinessException;
 import com.huoran.iasf.common.exception.code.BaseResponseCode;
 import com.huoran.iasf.common.utils.DateUtils;
+import com.huoran.iasf.common.utils.R;
 import com.huoran.iasf.entity.SysFilesEntity;
 import com.huoran.iasf.mapper.SysFilesMapper;
 import com.huoran.iasf.service.SysFilesService;
@@ -18,6 +21,8 @@ import com.huoran.iasf.vo.req.FileParameters;
 import org.apache.commons.io.FileUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.Cacheable;
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Service;
 import org.springframework.web.context.request.RequestContextHolder;
@@ -37,10 +42,7 @@ import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.util.Date;
+import java.util.*;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.UUID;
 import java.util.regex.Pattern;
 
 /**
@@ -99,12 +101,14 @@ public class SysFilesServiceImpl extends ServiceImpl<SysFilesMapper, SysFilesEnt
             sysFilesEntity.setUploader(fileParameters.getUploader());
             sysFilesEntity.setQuote(fileParameters.getQuote());
             sysFilesEntity.setSite(fileParameters.getSite());
+            sysFilesEntity.setQuoteType(fileParameters.getQuoteType());
+            sysFilesEntity.setQuoteId(fileParameters.getQuoteId());
             sysFilesEntity.setType(fileCheck(suffixName));
             this.save(sysFilesEntity);
             // String hostAddress = InetAddress.getLocalHost().getHostAddress();
-            String hostAddress = getLocalHostExactAddress().getHostAddress();
+//            String hostAddress = getLocalHostExactAddress().getHostAddress();
             // String url = fileUploadProperties.getUrl() + "/preview" + "/" + sysFilesEntity.getId();
-            String url = "http://" + hostAddress + fileUploadProperties.getUrl() + sysFilesEntity.getId();
+            String url = fileUploadProperties.getIp() + fileUploadProperties.getUrl() + sysFilesEntity.getId();
             sysFilesEntity.setUrl(url);
             this.updateById(sysFilesEntity);
 
@@ -191,6 +195,8 @@ public class SysFilesServiceImpl extends ServiceImpl<SysFilesMapper, SysFilesEnt
 
 
     @Override
+    // 缓存预览结果，使用id作为缓存键
+//    @Cacheable(value = "preview", key = "#id")
     public void preview(String id, HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
         if (id != null) {
             SysFilesEntity entity = this.getById(id);
@@ -208,6 +214,9 @@ public class SysFilesServiceImpl extends ServiceImpl<SysFilesMapper, SysFilesEnt
                     //判断类型，根据不同的类型文件来处理对应的数据
                     res.setContentType(mimeType);
                     res.addHeader("Content-Length", "" + file.length());
+                    res.setHeader("Cache-Control", "public, max-age=31536000");
+                    res.setDateHeader("Expires", System.currentTimeMillis() + 31536000000L);
+
                 }
                 //转换视频流部分
                 req.setAttribute(NonStaticResourceHttpRequestConfig.ATTR_FILE, filePath);
@@ -291,9 +300,15 @@ public class SysFilesServiceImpl extends ServiceImpl<SysFilesMapper, SysFilesEnt
             if (file.exists()) {
                 file.delete();
             }
+            removePreview(entity.getId());
         });
         this.removeByIds(ids);
 
+    }
+    // 删除预览结果的缓存，同样使用id作为键
+//    @CacheEvict(value = "preview", key = "#id")
+    public void removePreview(String id) {
+
     }
 
     /**
@@ -308,4 +323,12 @@ public class SysFilesServiceImpl extends ServiceImpl<SysFilesMapper, SysFilesEnt
         }
         return "";
     }
+
+    @Override
+    public R getPage(SysFilesEntity sysFiles) {
+        Page<SysFilesEntity> page = new Page<>(1, 10);
+
+        IPage<SysFilesEntity> fileList = baseMapper.fileList(page, sysFiles);
+        return R.success(fileList);
+    }
 }

src/main/java/com/huoran/iasf/service/impl/UserServiceImpl.java

@@ -131,13 +131,45 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
         }
         List<SysPermission> menus = permissionService.permissionList(sysUser.getId());
 
+        boolean b = checkUserPassword(vo.getPassword());
         String token = httpSessionService.createTokenAndUser(sysUser, roleService.getRoleNames(sysUser.getId()), permissionService.getPermissionsByUserId(sysUser.getId()));
         respVO.setAccessToken(token);
         respVO.setPermissionList(menus);
         respVO.setUsername(sysUser.getRealName());
+        respVO.setStrong(b);
         return respVO;
     }
 
+
+    @Override
+    public boolean checkPassword(String password) {
+        return checkUserPassword(password);
+    }
+
+    public static boolean checkUserPassword(String password){
+        Map<String, String> map = new HashMap<String, String>();
+        for (int i = 0; i < password.length(); i++) {
+            int A = password.charAt(i);
+            if (A >= 48 && A <= 57) {// 数字
+                map.put("数字", "数字");
+            } else if (A >= 65 && A <= 90) {// 大写
+                map.put("大写", "大写");
+            } else if (A >= 97 && A <= 122) {// 小写
+                map.put("小写", "小写");
+            } else {
+                map.put("特殊", "特殊");
+            }
+        }
+        Set<String> sets = map.keySet();
+        int pwdSize = sets.size();// 密码字符种类数
+        int pwdLength = password.length();// 密码长度
+        if (pwdSize >= 4 && pwdLength >= 8) {
+            return true;// 强密码
+        } else {
+            return false;// 弱密码
+        }
+    }
+
     /**
      * 校验验证码
      *
@@ -231,7 +263,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
     }
 
     @Override
-    public UserListResp detailInfo(String id) {
+    public UserListResp detailInfo(Integer id) {
         return baseMapper.detailInfo(id);
     }
 
@@ -239,7 +271,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
     public R resetPwd(String userId) {
         SysUser sysUser = baseMapper.selectById(userId);
         sysUser.setSalt(PasswordUtils.getSalt());
-        String encode = PasswordUtils.encode("111aaa", sysUser.getSalt());
+        String encode = PasswordUtils.encode("Iasf#2024", sysUser.getSalt());
         sysUser.setPassword(encode);
         int update = baseMapper.updateById(sysUser);
         return update>0 ? R.success("重置成功") : R.fail("重置失败");
@@ -261,7 +293,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
     public void addUser(SysUser vo) {
 
         vo.setSalt(PasswordUtils.getSalt());
-        String encode = PasswordUtils.encode("111aaa", vo.getSalt());
+        String encode = PasswordUtils.encode("Iasf#2024", vo.getSalt());
         vo.setPassword(encode);
         vo.setStatus(1);
         vo.setCreateWhere(1);
@@ -605,7 +637,7 @@ public class UserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impleme
                     if (0==usernameId){
                         SysUser vo = new SysUser();
                         vo.setSalt(PasswordUtils.getSalt());
-                        String encode = PasswordUtils.encode("111aaa", vo.getSalt());
+                        String encode = PasswordUtils.encode("Iasf#2024", vo.getSalt());
                         vo.setRealName(realName);
                         vo.setPhone(getPhone);
                         vo.setJobNumber(jobNumber);

src/main/java/com/huoran/iasf/vo/req/AllTheQuery.java

@@ -0,0 +1,13 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+import org.springframework.web.bind.annotation.RequestParam;
+@Data
+public class AllTheQuery {
+
+    @ApiParam(name = "siteId", value = "站点id", required = true)
+    Integer siteId;
+    @ApiParam(name = "templateId", value = "模板id", required = true)
+    Integer templateId;
+}

src/main/java/com/huoran/iasf/vo/req/ArticleEnableOrDisable.java

@@ -0,0 +1,12 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+
+@Data
+public class ArticleEnableOrDisable {
+    @ApiParam(name = "id", value = "文章id", required = true)
+    String id;
+    @ApiParam(name = "isDisable", value = "是否禁用(0默认，0启用 1禁用)", required = true)
+    String isDisable;
+}

src/main/java/com/huoran/iasf/vo/req/ArticleModifiedSortReq.java

@@ -0,0 +1,16 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+@Data
+public class ArticleModifiedSortReq {
+    @ApiModelProperty(value = "顺序(排序号)")
+    private Integer sequence;
+
+    @ApiModelProperty(value = "文章id")
+    private Integer articleId;
+
+
+}

src/main/java/com/huoran/iasf/vo/req/ArticleTopOperation.java

@@ -0,0 +1,12 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+
+@Data
+public class ArticleTopOperation {
+    @ApiParam(name = "isTop", value = "是否置顶(默认为0 不置顶 1为置顶)", required = true)
+    Integer isTop;
+    @ApiParam(name = "articleId", value = "文章Id", required = true)
+    Integer articleId;
+}

src/main/java/com/huoran/iasf/vo/req/CheckForHeavy.java

@@ -0,0 +1,15 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+import org.springframework.web.bind.annotation.RequestParam;
+@Data
+public class CheckForHeavy {
+
+    @ApiParam(name = "siteId", value = "站点id", required = true)
+    Integer siteId;
+    @ApiParam(name = "classificationName", value = "分类名称", required = true)
+    String classificationName;
+    @ApiParam(name = "classificationId", value = "分类id(新增不传，编辑传)", required = false)
+    Integer classificationId;
+}

src/main/java/com/huoran/iasf/vo/req/ColumnWeightReqVO.java

@@ -21,9 +21,14 @@ public class ColumnWeightReqVO {
     @ApiModelProperty(value = "id")
     private Integer id;
 
-    @ApiModelProperty(value = "层级((1-一级分类 2-二级分类 3-三级分类以此叠加))")
+    /*@ApiModelProperty(value = "层级((1-一级分类 2-二级分类 3-三级分类以此叠加))")
     @NotNull(message = "层级不能为空")
-    private Integer level;
+    private Integer level;*/
+
+
+    @ApiModelProperty(value = "父id")
+    private Integer fatherId;
+
 
     @ApiModelProperty(value = "栏目名称")
     @NotNull(message = "栏目名称不能为空")

src/main/java/com/huoran/iasf/vo/req/LabelCheckForHeavy.java

@@ -0,0 +1,16 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+import org.springframework.web.bind.annotation.RequestParam;
+
+@Data
+public class LabelCheckForHeavy {
+
+    @ApiParam(name = "siteId", value = "站点id", required = true)
+    Integer siteId;
+    @ApiParam(name = "labelName", value = "标签名称", required = true)
+    String labelName;
+    @ApiParam(name = "labelId", value = "标签id(新增不传，编辑传)", required = false)
+    Integer labelId;
+}

src/main/java/com/huoran/iasf/vo/req/OneLevelChecksThemAll.java

@@ -0,0 +1,18 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+import org.springframework.web.bind.annotation.RequestParam;
+
+@Data
+public class OneLevelChecksThemAll {
+
+    @ApiParam(name = "id", value = "栏目id", required = true)
+    Integer id;
+
+    @ApiParam(name = "isSort", value = "判断是否为排序接口调用(1为排序接口调用 0我栏目管理列表调用)", required = true)
+    Integer isSort;
+
+    @ApiParam(name = "ids", value = "主键", required = true)
+    Integer siteId;
+}

src/main/java/com/huoran/iasf/vo/req/PageContentReqVO.java

@@ -1,10 +1,14 @@
 package com.huoran.iasf.vo.req;
 
+import com.fasterxml.jackson.annotation.JsonAnyGetter;
+import com.fasterxml.jackson.annotation.JsonAnySetter;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
 import javax.validation.constraints.NotNull;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 
 /**
  * @描述：文章管理
@@ -49,4 +53,66 @@ public class PageContentReqVO extends PageReqVO {
     @ApiModelProperty(value = "召开类型(1.即将召开 2.已经召开)")
     private Integer convokeType;
 
+    private String role;
+
+    private boolean isadmin;
+
+    //多余参数处理，参数值不能出现admin，否则返回400
+    private Map<String, String> extraParams = new HashMap<>();
+    @JsonAnySetter
+    public void setExtraParam(String name, String value) {
+        // 在这里可以对额外参数进行验证或处理
+        if (name.contains("admin")||value.contains("admin")) {
+            throw new IllegalArgumentException("参数名不能包含admin");
+        }
+        this.extraParams.put(name, value);
+    }
+
+    @JsonAnyGetter
+    public Map<String, String> getExtraParams() {
+        return extraParams;
+    }
+
+    @ApiModelProperty(value = "修改时间排序(0默认倒序 1升序)")
+    private Integer modifiedTimeSort;
+
+    @ApiModelProperty(value = "发布时间排序(0默认倒序 1升序)")
+    private Integer publicationTimeSort;
+
+
+    @ApiModelProperty(value = "置顶排序(0默认升序 1倒序)")
+    private Integer topSort;
+
+    @ApiModelProperty(value = "是否禁用(0默认，0启用 1禁用)")
+    private Integer isDisable;
+
+    @ApiModelProperty(value = "专利类别id")
+    private Integer patentClassId;
+
+    @ApiModelProperty(value = "申请时间")
+    private String applicationDate;
+
+    @ApiModelProperty(value = "专利查询关键词")
+    private String patentQueryKeyWord;
+
+    @ApiModelProperty(value = "专著查询关键词")
+    private String monographQueryKeyWord;
+
+    @ApiModelProperty(value = "论文查询关键词")
+    private String paperQueryKeyWord;
+
+    @ApiModelProperty(value = "出版日期")
+    private String  publicationTime;
+
+
+    @ApiModelProperty(value = "发表年度/出版年度")
+    private String  publicationYear;
+
+
+    @ApiModelProperty(value = "出版开始时间")
+    private String  publicationStartTime;
+
+    @ApiModelProperty(value = "出版结束时间")
+    private String  endOfPublicationTime;
+
 }

src/main/java/com/huoran/iasf/vo/req/PageReqVO.java

@@ -1,8 +1,12 @@
 package com.huoran.iasf.vo.req;
 
+import com.fasterxml.jackson.annotation.JsonAnySetter;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * @ProjectName: huorantech
  * @Package: com.huoran.occupationlab.entity.req
@@ -21,4 +25,5 @@ public class PageReqVO {
     @ApiModelProperty(value = "当前页需要显示的数量", name = "pageSize", example = "10", required = true)
     private Integer pageSize;
 
+
 }

src/main/java/com/huoran/iasf/vo/req/PaginationColumnReqVO.java

@@ -1,9 +1,12 @@
 package com.huoran.iasf.vo.req;
 
+import com.fasterxml.jackson.annotation.JsonAnySetter;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
 import javax.validation.constraints.NotNull;
+import java.util.HashMap;
+import java.util.Map;
 
 /**
  * @ProjectName: huorantech
@@ -34,4 +37,8 @@ public class PaginationColumnReqVO extends PageReqVO {
     @ApiModelProperty(value = "判断是否为排序接口调用(1为排序接口调用 0我栏目管理列表调用)")
     private Integer isSort;
 
+    private String role;
+
+    private boolean isadmin;
+
 }

src/main/java/com/huoran/iasf/vo/req/SubLevelColumnsUnderALevel.java

@@ -0,0 +1,13 @@
+package com.huoran.iasf.vo.req;
+
+import io.swagger.annotations.ApiParam;
+import lombok.Data;
+
+@Data
+public class SubLevelColumnsUnderALevel {
+
+    @ApiParam(name = "id", value = "id", required = true)
+    Integer id;
+    @ApiParam(name = "siteId", value = "站点id", required = true)
+    Integer siteId;
+}

src/main/java/com/huoran/iasf/vo/resp/DeptRespNodeVO.java

@@ -3,6 +3,7 @@ package com.huoran.iasf.vo.resp;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -13,7 +14,9 @@ import java.util.List;
  * @date 2022年7月28日
  */
 @Data
-public class DeptRespNodeVO {
+public class DeptRespNodeVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty(value = "组织id")
     private Integer id;
 

src/main/java/com/huoran/iasf/vo/resp/HomeRespVO.java

@@ -3,6 +3,7 @@ package com.huoran.iasf.vo.resp;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -13,7 +14,9 @@ import java.util.List;
  * @date 2022年7月28日
  */
 @Data
-public class HomeRespVO {
+public class HomeRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty(value = "用户信息")
     private UserInfoRespVO userInfo;
     @ApiModelProperty(value = "目录菜单")

src/main/java/com/huoran/iasf/vo/resp/LoginRespVO.java

@@ -4,6 +4,7 @@ import com.huoran.iasf.entity.SysPermission;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -14,7 +15,9 @@ import java.util.List;
  * @date 2022年7月28日
  */
 @Data
-public class LoginRespVO {
+public class LoginRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty(value = "token")
     private String accessToken;
     @ApiModelProperty(value = "用户名")
@@ -23,6 +26,7 @@ public class LoginRespVO {
     private Integer id;
     @ApiModelProperty(value = "电话")
     private String phone;
+    private boolean isStrong;
     @ApiModelProperty(value = "用户头像路径")
     private String userAvatars;
     @ApiModelProperty(value = "用户所拥有的菜单权限")

src/main/java/com/huoran/iasf/vo/resp/PageContentRespVO.java

@@ -2,10 +2,12 @@ package com.huoran.iasf.vo.resp;
 
 import com.baomidou.mybatisplus.annotation.*;
 import com.huoran.iasf.entity.SysColumn;
+import com.huoran.iasf.entity.SysContentFile;
 import com.huoran.iasf.vo.FatherContentRespVO;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.Date;
 import java.util.List;
 
@@ -15,7 +17,9 @@ import java.util.List;
  * @日期: 2022-08-05
  */
 @Data
-public class PageContentRespVO {
+public class PageContentRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
 
 
     @TableId(type = IdType.AUTO)
@@ -96,11 +100,10 @@ public class PageContentRespVO {
     private Integer isDisable;
 
 
-    @ApiModelProperty(value = "是否禁用(0默认，0启用 1禁用)")
+    @ApiModelProperty(value = "标签名称")
     private String labelName;
 
-
+    @ApiModelProperty(value = "分类名称(没有显示暂无)")
-    @ApiModelProperty(value = "是否禁用(0默认，0启用 1禁用)")
     private String classificationName;
 
 
@@ -141,10 +144,10 @@ public class PageContentRespVO {
     private String audit;
 
     @ApiModelProperty(value = "活动开始时间")
-    private Date activityStartTime;
+    private String activityStartTime;
 
     @ApiModelProperty(value = "活动结束时间")
-    private Date activityEndTime;
+    private String activityEndTime;
 
     @ApiModelProperty(value = "演讲系列")
     private String lectureSeries;
@@ -183,5 +186,71 @@ public class PageContentRespVO {
     @ApiModelProperty(value = "样式id(用于前端区分是会议还是文章跳转界面)")
     private Integer listStyleId;
 
+    /*@ApiModelProperty(value = "顺序(排序号)")
+    private Integer sequence;*/
+
+    @ApiModelProperty(value = "是否置顶(默认为0 不置顶 1为置顶)")
+    private Integer isTop;
+
+
+    @ApiModelProperty(value = "专利类别id")
+    private Integer patentClassId;
+
+    @ApiModelProperty(value = "申请时间")
+    private String applicationDate;
+
+    @ApiModelProperty(value = "授权日期")
+    private String dateOfAuthorization;
+
+    @ApiModelProperty(value = "发明人")
+    private String inventor;
+
+    @ApiModelProperty(value = "专利名称")
+    private String patentName;
+
+    @ApiModelProperty(value = "申请号")
+    private String applicationNumber;
+
+    @ApiModelProperty(value = "出版社")
+    private String publishingHouse;
+
+    @ApiModelProperty(value = "著名著作")
+    private String famousWorks;
+
+    @ApiModelProperty(value = "编写人员")
+    private String writersAndEditors;
+
+    @ApiModelProperty(value = "刊物名称")
+    private String periodicalName;
+
+    @ApiModelProperty(value = "卷")
+    private String reel;
+
+    @ApiModelProperty(value = "文献号")
+    private String documentNumber;
+
+    @ApiModelProperty(value = "文章关键字")
+    private String articleKeyWord;
+
+
+    @ApiModelProperty(value = "出版日期")
+    private String publicationTime;
+
+
+    @ApiModelProperty(value = "岗位")
+    private String post;
+
+    @ApiModelProperty(value = "专业")
+    private String major;
+
+    @ApiModelProperty(value = "爱好")
+    private String hobby;
+
+
+    @ApiModelProperty(value = "荣誉")
+    private String honor;
 
+    @ApiModelProperty(value = "文章附件")
+    @TableField(exist = false)
+    List<SysContentFile> fileList;
 }

src/main/java/com/huoran/iasf/vo/resp/PermissionRespNode.java

@@ -3,6 +3,7 @@ package com.huoran.iasf.vo.resp;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -13,7 +14,9 @@ import java.util.List;
  * @date 2022年7月28日
  */
 @Data
-public class PermissionRespNode {
+public class PermissionRespNode implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty(value = "id")
     private Integer id;
 

src/main/java/com/huoran/iasf/vo/resp/SortColumnRespVO.java

@@ -16,7 +16,9 @@ import java.util.List;
  * @日期: 2022-08-03
  */
 @Data
-public class SortColumnRespVO {
+public class SortColumnRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
 
 
     @TableId(type = IdType.AUTO)

src/main/java/com/huoran/iasf/vo/resp/UserInfoRespVO.java

@@ -3,6 +3,8 @@ package com.huoran.iasf.vo.resp;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
+
 /**
  * UserInfoRespVO
  *
@@ -11,7 +13,9 @@ import lombok.Data;
  * @date 2022年7月28日
  */
 @Data
-public class UserInfoRespVO {
+public class UserInfoRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty(value = "用户id")
     private String id;
     @ApiModelProperty(value = "账号")

src/main/java/com/huoran/iasf/vo/resp/UserListResp.java

@@ -6,6 +6,8 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
 
+import java.io.Serializable;
+
 /**
  * @Author chen
  * @DATE 2022/8/15 15:34
@@ -15,7 +17,9 @@ import lombok.experimental.Accessors;
 @EqualsAndHashCode(callSuper = false)
 @Accessors(chain = true)
 @ApiModel(value = "UserListResp", description = "用户列表")
-public class UserListResp {
+public class UserListResp implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
 
     @ApiModelProperty(value = "组织架构ID")
     private String deptArchitectureId;

src/main/java/com/huoran/iasf/vo/resp/UserOwnRoleRespVO.java

@@ -4,6 +4,7 @@ import com.huoran.iasf.entity.SysRole;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
 import java.util.List;
 
 /**
@@ -14,7 +15,9 @@ import java.util.List;
  * @date 2022年7月28日
  */
 @Data
-public class UserOwnRoleRespVO {
+public class UserOwnRoleRespVO implements Serializable {
+    // 类的内容
+    private static final long serialVersionUID = 1L;
     @ApiModelProperty("所有角色集合")
     private List<SysRole> allRole;
     @ApiModelProperty(value = "用户所拥有角色集合")

src/main/resources/application-dev.yml

@@ -6,15 +6,17 @@ spring:
       datasource:
         master:
           username: root
-          password: 123456
+#          password: 123456
-#          password: iasf#2022
+          password: iasf#2022
+#          password: HuoRan@2021
           driver-class-name: com.mysql.cj.jdbc.Driver
-#          url: jdbc:mysql://127.0.0.1:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
+          url: jdbc:mysql://127.0.0.1:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
-          url: jdbc:mysql://192.168.31.136:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
+#          url: jdbc:mysql://192.168.31.136:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
+#          url: jdbc:mysql://139.9.47.170:3306/iasf?serverTimezone=GMT%2B8
   cache:
     type: redis
   redis:
-    host: localhost # Redis服务器地址
+    host: 127.0.0.1 # Redis服务器地址
     database: 0 # Redis数据库索引（默认为0）
     port: 6379 # Redis服务器连接端口
     password: # Redis服务器连接密码（默认为空）
@@ -31,8 +33,13 @@ singleServerConfig:
   password:
 
 file:
-  #文件上传目录 绝对路径 末尾请加 /
+  #文件上传目录 绝对路径 末尾请加 / windows
-  path: C:/files/ #windows
+  path: C:/files/
-  #path: /data/files/ #linux
   #文件预览url
-  url: :10000/iasf/sysFiles/preview/
+  url: /iasf/sysFiles/preview/
+  #本地开启
+#  url: :10000/iasf/sysFiles/preview/
+#  ip: http://192.168.31.51
+  ip: https://new.iasf.ac.cn
+knife4j:
+  production: true #生成环境禁用查看文档

src/main/resources/application-prod.yml

@@ -6,28 +6,34 @@ spring:
       datasource:
         master:
           username: root
-          password: 123456
+          password: HuoRan@2021
           driver-class-name: com.mysql.cj.jdbc.Driver
-          url: jdbc:mysql://localhost:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
+          url: jdbc:mysql://139.9.47.170:3306/tmp_iasf?serverTimezone=GMT%2B8
+  cache:
+    type: redis
   redis:
-    host: localhost # Redis服务器地址
+    host: 127.0.0.1 # Redis服务器地址
-    database: 0 # Redis数据库索引（默认为0）
+    database: 1 # Redis数据库索引（默认为0）
     port: 6379 # Redis服务器连接端口
-    password: # Redis服务器连接密码（默认为空）
+    password: HuoRan@2021 # Redis服务器连接密码（默认为空）
     jedis:
       pool:
         max-active: 8 # 连接池最大连接数（使用负值表示没有限制）
         max-wait: -1ms # 连接池最大阻塞等待时间（使用负值表示没有限制）
         max-idle: 8 # 连接池中的最大空闲连接
         min-idle: 0 # 连接池中的最小空闲连接
-    timeout: 3000ms # 连接超时时间（毫秒
+    timeout: 3000ms # 连接超时时间（毫秒）
+
+singleServerConfig:
+  address: "redis://127.0.0.1:6379"
+  password: HuoRan@2021
 
 file:
-  #文件上传目录 绝对路径 末尾请加 /
+  #文件上传目录 绝对路径 末尾请加 / linux
-  path: D:/files/ #windows
+  path: /usr/local/huoran/tmp_website/files/
-  #path: /data/files/ #linux
+  #文件预览url
-  #文件预览、下载的url, 末尾请勿加 /
+  url: /iasf/sysFiles/preview/
-  url: :10000/iasf/sysFiles/preview/
+  ip: http://139.159.254.212
 
 knife4j:
   production: true #生成环境禁用查看文档

src/main/resources/application.yml

@@ -4,6 +4,13 @@ server:
   servlet:
     context-path: /iasf
 
+rsa:
+  encrypt:
+    timestampCheck: false #是否开启超过指定时间的数据认定为伪造
+    open: true # 是否开启加密 true  or  false
+    showLog: true # 是否打印加解密log true  or  false
+    publicKey: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Nz0zscnWtddmaNylIPt9v5ZO6U6pYyGochRrbpI+ocwoyV4E1uUu3J9/mmR8pyMBcYzE5KkBytlaiLnd6dMqo4R60aihN/TqfuI/03LzgAS/egT/Q4VB9yZSyZCmJhrgTtSX5kxotAbewp0gqsWpi+6BUYDuiwJ0WNlhDVV4FOQIppmvHh0RqYDhjiPNAuy7fEtytT+IY4rxm6LggvmNtIq5k2oLbDxEeI1GOyFHT6sLGMkmBLmHu7JYcrlyUGyGWsxh8hVame1zQsScivrZu757BTGhN4xObTivIdAbR7uFeeX4lp0X1JNtIe9TwB/aZzKJjZMPXeV7BJ01g3MQIDAQAB
+    privateKey: MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDTw3PTOxyda112Zo3KUg+32/lk7pTqljIahyFGtukj6hzCjJXgTW5S7cn3+aZHynIwFxjMTkqQHK2VqIud3p0yqjhHrRqKE39Op+4j/TcvOABL96BP9DhUH3JlLJkKYmGuBO1JfmTGi0Bt7CnSCqxamL7oFRgO6LAnRY2WENVXgU5Aimma8eHRGpgOGOI80C7Lt8S3K1P4hjivGbouCC+Y20irmTagtsPER4jUY7IUdPqwsYySYEuYe7slhyuXJQbIZazGHyFVqZ7XNCxJyK+tm7vnsFMaE3jE5tOK8h0BtHu4V55fiWnRfUk20h71PAH9pnMomNkw9d5XsEnTWDcxAgMBAAECggEAUm5n3NbKycBsblV3ZkVRVwmq6A4zK6nxsP/fBS7YTCGqtlSRVvHtOxzTHNMyVgnJL00eWxEy1yxCqdolFvv8ByfZppUMmqkCSnT2L043OAs9mlS3M8hmUOC44AdfP3qSeXHziENKKTs1hlSC5v8+njmNPrxPVCZhw7fAaKT+1wOKE353QTNxacNua+dDx8zVO0xEznW+FKnYZ+ft2rHkiu1NkPRrWCpGHXZLXINT2FoQ7ECHkQUjD5IoRg2lvXNvjQPhs9BwnNsl3ODe/8PWbB0Lgtg9dLEmivyaNpTx/2Nl0QmFflIfp0rZs4SMnsJK56hQ8d5uhYbcpnn/gSbcAQKBgQD1gN/5oBxJAw2MVv3N8VcC/CWPHI4Er9vEVgrQSrO9QYBHSRX9/aoHmI4iK5opjHq6LYEt9JoGSdMPbRL2o16pkyZchuB/7Q5no9AD7iDSvvvt7qNqo2qkWpPA9pjodoWQaLAmC6M39ypNo3aSvrkuN11tOmU5bnaa94bofjoFcQKBgQDc0UgWiD0uTXSYCi1/GHCUuWi5X/HtsMS8Mz5SIln7x+X2rM0OECSQqYR4AGUZv81xh5mJetYDwJUvQXYGdaon8DP08VKD7uVEELF6SVf7woGVUSYxZdMss21cqksM3MXhyJ8QxO+eJSjGqwHf5AkB0KtMfnMKZqJIfXJsoVltwQKBgQDM3skJpSU1gIizznxqebWk1gn5zVhubNq2kx7fBxfLHXgRBNqHZEGZqSMjPMOfXI2mBAdC9FX8XWr1+o3SqC580EE5AY0i9A4LStZyESvu8lWGDpjsioaZtMSMSLz9cLqw8cvdU+TW9TmmJHz0pJggCy+50Ptb2+S6GUnJhlyg4QKBgDgiK4Uu1P60SfNsguxQNi5Yg7q8HTAjQ5/kFu+iM+XBh0AR5X6xs9niff5Te1/0VjGKGwnL5CPIDSSaK3qw5rSIZ2zY+/T2AeovpC5F/svNQkvG+UKNdAVlB2QLFlEKvnMLIQSOS6uUHq2CQ1O7EF8ZwLINYwk91fs/iJr82VMBAoGAEq3LN/LmOlB1OL6MaTTCEkvQq/wROt8poeLebycFcmZrsovR3MQKYuoY7IEjRw+ZvOauCJNM7mCpmeUVWAc3TPgWeQMzGALdb1X5u9xK8eq9WTutlSS/OSNGIYRJuSpO9efDdfoMHuR2Mleibs1yvxD4A2CXC10bSHE5huM07rY=
 spring:
   profiles:
     active: dev
@@ -16,6 +23,13 @@ spring:
   jackson:
     date-format: yyyy-MM-dd HH:mm:ss
     time-zone: GMT+8
+    # 解决API 成批分配问题
+    serialization:
+      # 某些类对象无法序列化的时候，是否报错
+      fail_on_empty_beans: true
+    deserialization:
+        # json对象中有不存在的属性时候，是否报错
+      fail_on_unknown_properties: true
   # 文件大小限制
   servlet:
     multipart:

src/test/java/com/company/project/CodeGenerator.java

@@ -41,10 +41,10 @@ public class CodeGenerator {
 
         // 3、数据源配置
         DataSourceConfig dsc = new DataSourceConfig();
-        dsc.setUrl("jdbc:mysql://192.168.31.136:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8");
+        dsc.setUrl("jdbc:mysql://139.9.47.170:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8");
         dsc.setDriverName("com.mysql.cj.jdbc.Driver");
         dsc.setUsername("root");
-        dsc.setPassword("123456");
+        dsc.setPassword("HuoRan@2021");
         dsc.setDbType(DbType.MYSQL);
         mpg.setDataSource(dsc);
 
@@ -61,9 +61,9 @@ public class CodeGenerator {
 
         // 5、策略配置
         StrategyConfig strategy = new StrategyConfig();
-        strategy.setInclude("sys_template_style_configuration");
+        strategy.setInclude("sys_seo");
         strategy.setNaming(NamingStrategy.underline_to_camel);//数据库表映射到实体的命名策略
-//        strategy.setTablePrefix("sys_"); //生成实体时去掉表前缀
+        strategy.setTablePrefix("sys_"); //生成实体时去掉表前缀
 
         strategy.setColumnNaming(NamingStrategy.underline_to_camel);//数据库表字段映射到实体的命名策略
         strategy.setEntityLombokModel(true); // lombok 模型 @Accessors(chain = true) setter链式操作